To sniff FTP credentials between the Swiss bank and its London subsidiary, which tool would you use?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

To sniff FTP credentials between the Swiss bank and its London subsidiary, which tool would you use?

Explanation:
FTP credentials travel in cleartext in many FTP sessions, so capturing them requires a position in the path between the two hosts on the network. That is a classic man-in-the-middle situation on a LAN, which is exactly what ARP-spoofing-based tools are built for. Ettercap specializes in performing MITM attacks on a local network, enabling you to intercept and sniff traffic between hosts and capture credentials such as FTP usernames and passwords. Snort is an intrusion detection system that analyzes traffic and alerts on suspicious activity but doesn't actively intercept or capture credentials. Airsnort targets cracking WEP keys in wireless networks, which is not relevant here. RaidSniff is a generic packet-sniffing tool but does not provide the integrated MITM capabilities needed to place traffic under your control. So the best-fit tool for capturing FTP credentials in this scenario is Ettercap.
