Passive Session Hijacking is described as:

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Passive Session Hijacking is described as:

Explanation:
Passive session hijacking means watching and recording the traffic of a live session to steal the session identifier without changing any of the data being transmitted. The attacker simply eavesdrops, often on an insecure network, and captures the cookies or tokens that authenticate the user’s session. With those tokens, the attacker can impersonate the user later, all without interrupting or altering the ongoing communication. That makes the description of observing and recording traffic without interference the best fit. If someone actively injected traffic to take over a session, that would be active session hijacking, not passive. A DDoS attack and a firewall technique describe other security scenarios and are not about hijacking a specific user session.
