Spoofing vs. Session Hijacking

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Q: Two of the statements below are correct. Can you identify which?


a. In a spoofing attack, the valid user may still be active, but the attacker will utilize that user’s identity and/or data (the valid user’s session is not interrupted).

b. A session hijacking attack occurs when a hacker steals the session key or magic cookie, taking over the session and disconnecting the valid user.

c. A session hijacking attack occurs when a hacker steals the session key or magic cookie, taking over the session without disconnecting the valid user.

d. In a spoofing attack, the valid user must not be active that the attacker may access the IP address or other identifying data, masquerading as the valid user until the valid user’s session becomes active again.

 

View Topics

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel