Which of the following attacks could capture network user passwords?
A.
Data diddling
B.
Sniffing
C.
IP Spoofing
D.
Smurfing
Explanation:
Password sniffing sniffs network traffic with the hope of capturing passwords being sent between computers.
Incorrect Answers:
A: Data diddling refers to the alteration of existing data.
C: Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication – or
causing a system to respond to the wrong address.
D: Smurfing would refer to the smurf attack, where an attacker sends spoofed packets to the broadcast
address on a gateway in order to cause a denial of service.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 599, 1059, 1060