Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 306 discussion

Actual exam question from ISC's CISSP
Question #: 306
Topic #: 1
[All CISSP Questions]

Which of the following attack types can be used to compromise the integrity of data during transmission?

  • A. Synchronization flooding
  • B. Session hijacking
  • C. Keylogging
  • D. Packet sniffing
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nabs1
Highly Voted 2 years, 2 months ago
Selected Answer: B
I would think the answer as B. How can sniffing lead to integrity issues. I understand that it may lead to confidentially loss would not affect integrity.
upvoted 16 times
jackdryan
1 year, 6 months ago
B is correct
upvoted 1 times
...
GregP
2 years, 2 months ago
agreed. B is the only one that could potentially change the data
upvoted 3 times
...
...
TheManiac
Most Recent 6 months, 1 week ago
Selected Answer: B
Session Hijacking to hijack and compromise the data during transit. D is wrong because you just sniff and collect information there, not compromising the integrity.
upvoted 1 times
...
Dtony66
6 months, 3 weeks ago
Selected Answer: B
I would say B since taking over the session can change the integrity of the session and eavesdropping cannot. Are some of these "correct" answers incorrect?
upvoted 2 times
...
629f731
10 months, 2 weeks ago
Selected Answer: B
Session hijacking, also known as session takeover or session sidejacking, is an attack where an unauthorized user takes over an established user session.
upvoted 2 times
...
Soleandheel
11 months, 2 weeks ago
B. Session hijacking Packet sniffing primarily affects confidentiality by allowing attackers to eavesdrop on network traffic and potentially access sensitive information, session hijacking on the other hand impacts both confidentiality and integrity. Session hijacking involves an attacker taking control of a user's session, which can lead to unauthorized modifications of data and actions performed by the user, thus compromising the integrity of the data and user interactions.
upvoted 1 times
...
BoyBastos
1 year, 2 months ago
Selected Answer: B
B. Session hijacking Session hijacking, also known as session takeover or session sidejacking, is an attack where an unauthorized user takes over an established user session. Once the attacker has control of the session, they can manipulate or alter the data being transmitted, thus compromising its integrity. The other options listed can compromise confidentiality or availability but do not directly compromise the integrity of data during transmission in the same way that session hijacking does.
upvoted 3 times
...
HughJassole
1 year, 5 months ago
Session hijacking: https://www.omnisecu.com/ccna-security/types-of-network-attacks.php Sniffing is an attack on confidentiality, while session hijacking is on integrity.
upvoted 1 times
...
user009
1 year, 8 months ago
the answer is D. Packet sniffing. Explanation: Packet sniffing is the act of capturing and examining packets as they travel over a network. When an attacker intercepts these packets, they can analyze the content, modify it, and then retransmit it, which compromises the integrity of the data during transmission. The attacker could potentially inject malicious code, alter the content of the data, or falsify the information being transmitted.
upvoted 3 times
SSimko
10 months ago
The act of packet sniffing does not directly include modifying and resending the data for an attack, those are separate things. Packet sniffing is something that compromises confidentiality not integrity. Session hijacking directly allows the attacker to comprise the integrity of the data the user.
upvoted 1 times
...
...
Rollingalx
1 year, 9 months ago
I go for D. During a session hijacking attack, an attacker takes over a user's authenticated session by stealing their session token or other authentication credentials. This can allow the attacker to access sensitive data that is stored on the server or manipulate data that the user is working with during the session. However, it does not necessarily involve manipulating data during transmission. In contrast, packet sniffing involves intercepting and analyzing network traffic in order to capture and manipulate data as it is transmitted across the network. This can allow the attacker to modify or inject malicious data into the transmission, which compromises the integrity of the data.
upvoted 1 times
...
Dee83
1 year, 10 months ago
D. Packet sniffing can be used to compromise the integrity of data during transmission.
upvoted 1 times
...
trojix
1 year, 10 months ago
Selected Answer: D
Packet sniffing is a method of intercepting and analyzing network traffic to capture sensitive information such as login credentials, passwords, and other sensitive data. It can be used to compromise the integrity of data during transmission.
upvoted 3 times
...
Jay327
2 years ago
Selected Answer: B
vote B sniffing is a passive attack.
upvoted 2 times
...
WiDeBarulho
2 years, 1 month ago
Selected Answer: B
None of the other options affect integrity.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...