1_3_8 Section 1 – Attacks, Threats, and Vulnerabilities - 1.3 – Application Attacks - SSL Stripping

Questions and Answers

What is a common way for attackers to decrypt data flowing over an encrypted channel?

• Firewall configuration
• SSL stripping (correct)
• MAC address filtering
• DNS poisoning

How does an attacker perform an HTTP downgrade attack?

• By launching a DDoS attack
• By sitting in the middle of communication and modifying the data flow (correct)
• By encrypting all communication
• By configuring a VPN

What method might attackers use to be in the middle of client-server communication for SSL stripping?

• IPsec tunneling
• TCP handshake
• VLAN configuration
• ARP spoofing (correct)

Why might a victim not notice an SSL stripping attack?

The attacker ensures everything looks normal on the screen (B)

How can organizations mitigate the risk of SSL stripping attacks?

By upgrading and maintaining software on client and server workstations (B)

What can attackers potentially gain access to during an SSL stripping attack?

Unencrypted data flowing between client and server (A)

What does it mean when a software is deprecated?

Industry best practices recommend not using it. (B)

When was SSL version 2.0 released?

1995 (A)

Which version of SSL was found to be vulnerable to cryptographic vulnerabilities and deprecated in June 2015?

SSL 3.0 (A)

What is the current name for the encryption method that was previously known as SSL?

Transport Layer Security (TLS) (D)

Which version of TLS was released in 2006 but deprecated in January 2020?

TLS 1.1 (B)

What communication method does an attacker intercept in an SSL stripping attack to initiate an on-path attack?

HTTP communication (B)

What is the main objective of an SSL stripping attack?

To decrypt encrypted data (A)

How does an attacker initiate an SSL stripping attack?

By sitting in the middle of client-server communication (A)

What visual clue might indicate an SSL stripping attack to a victim?

The absence of encryption indicators in the browser (D)

Which technique might an attacker use to be in the middle of client-server communication for an SSL stripping attack?

DNS poisoning (A)

Why is maintaining software important in preventing SSL stripping attacks?

To address vulnerabilities and security flaws (B)

What can an attacker achieve by successfully executing an SSL stripping attack?

Modify communication between client and server (A)

What action can help in preventing an SSL stripping attack?

Ensuring web servers only respond to HTTPS requests (D)

Why was SSL version 3.0 deprecated in June 2015?

Because it was susceptible to cryptographic vulnerabilities (C)

What is the primary goal of an SSL stripping attack?

To intercept and modify communication between client and server (C)

Which version of TLS effectively replaced SSL 3.0?

TLS 1.0 (A)

What method does an attacker use during an SSL stripping attack to initiate communication with the web server?

Requesting the web server to switch from HTTP to HTTPS (D)

In an SSL stripping attack, what does the attacker do after intercepting an encrypted page from the web server?

Sends it unchanged to the website visitor (C)

What is one role of the attacker in an SSL stripping attack?

To decrypt and modify web server responses (A)