PrepAway - Latest Free Exam Questions & Answers

Which of the following attacks allows for this impersonation?

Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the
temporary credentials being passed to Joe’s browser. The attacker later uses the credentials to
impersonate Joe and creates SPAM messages. Which of the following attacks allows for this
impersonation?

PrepAway - Latest Free Exam Questions & Answers

A.
XML injection

B.
Directory traversal

C.
Header manipulation

D.
Session hijacking

Explanation:
In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a
valid computer session—sometimes also called a session key—to gain unauthorized access to information
or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to
authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookiesused to maintain a session on many web sites can be easily stolen by an attacker using an intermediary
computer or with access to the saved cookies on the victim’s computer.
Incorrect Answers:
A: When a web user takes advantage of a weakness with SQL by entering values that they should not, it is
known as a SQL injection attack. Similarly, when the user enters values that query XML (known as XPath)
with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a
similar manner to SQL, except that it does not have the same levels of access control, and taking
advantage of weaknesses within can return entire documents. The best way to prevent XML injection
attacks is to filter the user’s input and sanitize it to make certain that it does not cause XPath to return
more data than it should. This is not what is described in this question. This answer is therefore incorrect.
B: Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to
access data in a directory other than the server’s root directory. If the attempt is successful, the hacker
can view restricted files or even execute commands on the server.
Although some educated guesswork is involved in finding paths to restricted files on a Web server, a
skilled hacker can easily carry out this type of attack on an inadequately protected server by searching
through the directory tree. The risk of such attacks can be minimized by careful Web server
programming, the installation of software updates and patches, filtering of input from browsers, and the
use of vulnerability scanners. This is not what is described in this question. This answer is therefore
incorrect.
C: A header manipulation attack uses other methods (hijacking, cross-site forgery, and so forth) to change
values in HTTP headers and falsify access. When used with XSRF, the attacker can even change a user’s
cookie. Internet Explorer 8 and above include InPrivate Filtering to help prevent some of this. By default,
your browser sends information to sites as they need it—think of requesting a map from a site; it needs
to know your location in order to give directions. With InPrivate Filtering, you can configure the browser
not to share information that can be captured and manipulated. This is not what is described in this
question. This answer is therefore incorrect.

http://en.wikipedia.org/wiki/Session_hijacking
http://searchsecurity.techtarget.com/definition/directory-traversalDulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 337, 340


Leave a Reply