ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 209 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 209
Topic #: 1
[All 312-50v12 Questions]

A security analyst is investigating a potential network-level session hijacking incident. During the investigation, the analyst finds that the attacker has been using a technique in which they injected an authentic-looking reset packet using a spoofed source IP address and a guessed acknowledgment number. As a result, the victim's connection was reset. Which of the following hijacking techniques has the attacker most likely used?

  • A. Blind hijacking
  • B. UDP hijacking
  • C. RST hijacking
  • D. TCP/IP hijacking
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
agelbahri
5 months, 1 week ago
Selected Answer: C
RST hijacking involves injecting an authentic-looking reset (RST) packet by using a spoofed source IP address and predicting the acknowledgment number.
upvoted 1 times
...
blehbleh
8 months, 3 weeks ago
Selected Answer: A
Fairly certain this is A as it states in the questions "guessed acknowledgment number" so if the attacker guessed the acknowledgment number and is trying to inject an RST packet to reset the connection and was successful then the outcome would still be the same. I really feel like since the posted in the question that it was guessed it should eliminate any of other options but they put in the RST hijacking to try and throw people off.
upvoted 1 times
...
insaniunt
1 year, 5 months ago
Selected Answer: C
module 11 page 1562 from CEH v12 book
upvoted 2 times
...
przemyslaw1
1 year, 6 months ago
Selected Answer: C
RST hijacking involves injecting an authentic-looking reset (RST) packet using spoofed source address and predicting the acknowledgment number.
upvoted 3 times
...
Nopez
1 year, 6 months ago
RST Hijacking RST hijacking involves injecting an authentic-looking reset (RST) packet using spoofed source address and predicting the acknowledgment number. The hacker can reset the victim's connection if it uses an accurate acknowledgement number. The victim believes that the source actually sent the reset packet and resets the connection. RST Hijacking can be carried out using a packet crafting tool such as Colasoft's Packet Builder and TCP/IP analysis tool such as tcpdump.
upvoted 1 times
...
xbsumz
1 year, 6 months ago
Team can you confirm if this is accurate
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel