• Online, Self-Paced
Course Description

Sessions are like a verified conversation between trusted systems, which makes session hijacking a common form of attack. In this course, you'll learn about session hijacking, including how it's accomplished and the different types. Session hijacking attacks can be performed at the network level, so you'll also explore common network-based session hijacking attacks such as UDP, TCP, and RST hijacking. Next, you'll move on to examine common application level session hijacking attacks such as man-in-the-middle, man-in-the-browser, cross-site scripting, and cross-site request forgery. Finally, you'll learn about common session hijacking security controls and countermeasures, as well as best practices like using encrypted protocols and secure session handling techniques. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

Learning Objectives

{"describe session hijacking and how it can be accomplished","recognize the different types of session hijacking"}

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.