Study for the Ethical Hacking Essentials Test with a focus on key concepts in cybersecurity. Utilize flashcards and multiple choice questions with hints and detailed explanations. Prepare efficiently for your exam today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which attack involves impersonating a user by using stolen credentials, often captured through sniffing?

  1. Replay attack

  2. Session hijacking

  3. Credential stuffing

  4. Brute-force attack

The correct answer is: Replay attack

The attack that involves impersonating a user by using stolen credentials is best identified as a replay attack. In a replay attack, an attacker captures the credentials or the authentication tokens (such as session tokens) sent over the network and then uses that data to gain unauthorized access to a system or application. This typically occurs when the data is transmitted in an unencrypted format, making it vulnerable to sniffing. In such attacks, the attacker does not need to decipher the credentials; they simply replay the captured information to impersonate the legitimate user.

This highlights the critical importance of using encryption and secure protocols to protect sensitive information during transmission, ensuring that stolen credentials cannot easily be reused.

While session hijacking also involves taking control of a user session, it specifically refers to an attacker taking over an existing session rather than merely reusing stolen credentials, and credential stuffing refers to using automated tools to attempt logins across multiple sites using stolen credentials. A brute-force attack involves systematically trying various combinations to guess passwords rather than using already captured credentials. Thus, replay attacks directly align with the description of using stolen credentials to impersonate a user.