Which term describes an attack where packets and authentication tokens are captured using a sniffer?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which term describes an attack where packets and authentication tokens are captured using a sniffer?

Explanation:
Capturing traffic with a sniffer and then reusing those credentials to gain access is a replay attack. The attacker takes valid packets or authentication tokens from a previous session and presents them again to the system, impersonating the legitimate user. This happens when the protocol doesn’t enforce freshness for each authentication—there’s nothing to prevent the old data from being replayed as if it were a new login. To stop replay attacks, systems use fresh challenges (nonces), timestamps, or one-time or short-lived tokens, and often require mutually authenticated channels so that old captured data becomes useless. The other terms don’t describe this behavior: a jamming attack disrupts communication with interference, while access gateway layer and edge technology layer are architectural concepts, not attack methods.

Capturing traffic with a sniffer and then reusing those credentials to gain access is a replay attack. The attacker takes valid packets or authentication tokens from a previous session and presents them again to the system, impersonating the legitimate user. This happens when the protocol doesn’t enforce freshness for each authentication—there’s nothing to prevent the old data from being replayed as if it were a new login. To stop replay attacks, systems use fresh challenges (nonces), timestamps, or one-time or short-lived tokens, and often require mutually authenticated channels so that old captured data becomes useless. The other terms don’t describe this behavior: a jamming attack disrupts communication with interference, while access gateway layer and edge technology layer are architectural concepts, not attack methods.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy