Which of the following attacks could capture network user passwords?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
A network sniffer captures a copy every packet that traverses the network segment the sniffer is connect to.
Sniffers are typically devices that can collect information from a communication medium, such as a network.
These devices can range from specialized equipment to basic workstations with customized software.
A sniffer can collect information about most, if not all, attributes of the communication.
The most common method of sniffing is to plug a sniffer into an existing network device like a hub or switch.
A hub (which is designed to relay all traffic passing through it to all of its ports) will automatically begin sending all the traffic on that network segment to the sniffing device.
On the other hand, a switch (which is designed to limit what traffic gets sent to which port) will have to be specially configured to send all traffic to the port where the sniffer is plugged in.
Another method for sniffing is to use a network tapa device that literally splits a network transmission into two identical streams; one going to the original network destination and the other going to the sniffing device.
Each of these methods has its advantages and disadvantages, including cost, feasibility, and the desire to maintain the secrecy of the sniffing activity.
The packets captured by sniffer are decoded and then displayed by the sniffer.
Therfore, if the username/password are contained in a packet or packets traversing the segment the sniffer is connected to, it will capture and display that information (and any other information on that segment it can see)
Of course, if the information is encrypted via a VPN, SSL, TLS, or similar technology, the information is still captured and displayed, but it is in an unreadable format.
The following answers are incorrect: Data diddlinginvolves changing data before, as it is enterred into a computer, or after it is extracted.
Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication - or causing a system to respond to the wrong address.
Smurfing would refer to the smurf attack, where an attacker sends spoofed packets to the broadcast address on a gateway in order to cause a denial of service.
The following reference(s) were/was used to create this question: CISA Review manual 2014 Page number 321 Official ISC2 Guide to the CISSP 3rd edition Page Number 153
The correct answer is B. Sniffing.
Explanation:
Sniffing is an attack that involves capturing data packets as they traverse a network. This technique can be used to intercept sensitive information such as passwords, usernames, and other confidential data. The attacker can use a packet sniffer tool to capture and analyze the packets of data that are transmitted over the network.
Data diddling is a type of attack where an attacker modifies data before or during entry into a computer system. This type of attack does not involve the capture of network user passwords.
IP spoofing is a technique used to impersonate another device on a network by forging the source IP address of packets. This technique can be used to carry out attacks such as Denial of Service (DoS) and Distributed Denial of Service (DDoS), but it does not involve the capture of network user passwords.
Smurfing is a type of DoS attack where the attacker sends a large number of ICMP echo request packets to a broadcast address, causing a flood of traffic that can overwhelm the target network. This type of attack also does not involve the capture of network user passwords.
Therefore, the correct answer is B. Sniffing, as it is the only attack listed that could be used to capture network user passwords.