1
Q
Explain Blind Session Hijacking
A
Attacker guesses next session id
2
Q
Explain UDP Session HIjacking
A
Sending UDP packets to the host which may not be validating the source
3
Q
Explain TCP Session Hijacking
A
ARP cache poisoning to MITM attack, intercept and take over the session by redirecting the packets with tool such as shyjack
4
Q
Parameters for RST Session Hijacking
A
- Ack numbers
- source port
- destination port
- IP
- sequence numbers
5
Q
MITM Packet Sniffing
A
Identifying username, password, and/or session id info from transmitted packets
CEH v11
flashcards
Decks in class (55)
# Cards
-
Hacking Methodology8
-
Windows Authentication6
-
CEH v11 EC-Council Certification Overview2
-
Basic Cybersecurity Concepts6
-
Attacker Motives, Goals, and Objectives1
-
Attack Classifications7
-
Information Warfare11
-
Network Sniffing Basics13
-
DHCP Sniffing Attacks3
-
ARP Poisoning5
-
DNS Poisoning3
-
Sniffing Defenses3
-
Steganography Tools and Techniques4
-
Covering Your Tracks4
-
Wireless Hacking4
-
Wireless Hacking Countermeasures3
-
Nmap TCP Connect Scan5
-
Nmap Stealth Scan4
-
Nmap Inverse TCP Scan8
-
Nmap ACK Scan8
-
Hacking Phases & Concepts3
-
Ethical Hacking Concepts4
-
SQL Injection & SQLMap1
-
SQL Injection Testing with SQLMap4
-
Session Hijacking Concepts4
-
Network Level Session Hijacking5
-
Application Level Session Hijacking10
-
Session Hijacking Countermeasures6
-
Geolocation Recon2
-
Social Networking Recon2
-
Job Board Recon1
-
Deep and Dark Webs Recon5
-
Cloud Computing Concepts19
-
Container Concepts6
-
Hacking Cloud Services6
-
Cloud Security Controls5
-
Nmap IDLE/IPID Scan5
-
Nmap UDP Scan4
-
Nmap SCTP scan4
-
Nmap IPv6 List and Version Scans2
-
Vulnerability Assessment Concepts and Resources7
-
Vulnerability Management Life Cycle4
-
Vulnerability Classification1
-
Password Attack Basics7
-
Password Extraction and Cracking5
-
Password Cracking Enhancement Techniques4
-
Malware Concepts and Components3
-
Advanced Persistent Threats3
-
Trojans4
-
Viruses and Worms5
-
Web Application Attacks & Vulnerabilities10
-
OWASP Top 10 Web Application Attacks 20172
-
Cryptography Concepts5
-
Crypto Algorithms and Implementations8
-
Cryptography Tools1
