Which of the following attacks are prevented from a mutual authentication solution?
Each correct answer represents a complete solution. Choose all that apply.

A.
Hijacking

B.
Man-in-the-middle attack

C.
Eavesdropping attack

D.
Phishing

Explanation:
The only way to protect against phishing, man-in-the-middle attacks, and hijacking is to use a mutual authentication solution. Mutual authentication or two-way authentication (sometimes written as 2WAY authentication) refers to two parties authenticating each other suitably. It refers to a client or user authenticating them selves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others’ identity. This authentication system prevents man-in-the-middle attacks, which occur when the attacker successfully inserts an intermediary program between two communicating hosts.

Answer C is incorrect. The only way to protect against an eavesdropping attack is to use a strong encryption technique. Fact What is phishing? Hide Phishing is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number. An example of phishing attack is a fraudulent e-mail that appears to come from a user’s bank asking to change his online banking password. When the user clicks the link available on the e-mail, it directs him to a phishing site which replicates the original bank site. The phishing site lures the user to provide his personal information.

Fact What is man-in-the-middle attack? Hide Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. The intermediary software or program allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client. Fact What is hijacking? Hide Hijacking is a type of network security attack in which the attacker takes control of a communication. In one type of hijacking (also known as a man in the middle attack), the perpetrator takes control of an established connection while it is in progress. The attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly. The attacker uses a program that appears to be the server to the client and appears to be the client to the server. This attack may be used simply to gain access to the messages, or to enable the attacker to modify them before retransmitting them. Fact What is eavesdropping? Hide Eavesdropping is the process of listening in private conversations. It also includes attackers listening in on the network traffic. For example, it can be done over telephone lines (wiretapping), e-mail, instant messaging, and any other method of communication considered private.
Reference. http.//searchsecurity.techtarget.com/sDefinition/0,,sid14_gci519370,00.html