Which tool is commonly used to perform man-in-the-middle attacks on a LAN to capture credentials?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

Which tool is commonly used to perform man-in-the-middle attacks on a LAN to capture credentials?

Explanation:
On a local network, grabbing credentials often starts with getting traffic to pass through the attacker’s machine. That’s done by a man-in-the-middle setup created through ARP poisoning, so the attacker can sniff and, if needed, alter the traffic between hosts. A tool built for this scenario is Ettercap. It specializes in MITM on a LAN, using ARP spoofing to position the attacker between devices, and it includes features like DNS spoofing, SSL stripping, and plugins/filters to extract credentials from various protocols as users log in. This combination—on-network interception and targeted credential harvesting—makes Ettercap the best fit for capturing credentials in a LAN MITM context.

The other tools serve different purposes: AirSnort focuses on cracking WEP/WPA on wireless networks, not on LAN-based interception; Snort is an intrusion detection system used to monitor and alert on suspicious traffic rather than to manipulate and capture data; Nmap is a network scanner used for mapping and discovering hosts/services, not for performing MITM or credential capture.
