Certified Incident Handler (ECIH) — Question 18

Thomas, an employee of an organization, is restricted to access specific websites from his office system. He is trying to obtain admin credentials to remove the restrictions. While waiting for an opportunity, he sniffed communication between the administrator and an application server to retrieve the admin credentials. Identify the type of attack performed by Thomas in the above scenario.

Answer options

• A. Vishing
• B. Eavesdropping
• C. Phishing
• D. Dumpster diving

Correct answer: B

Explanation

The correct answer is B, Eavesdropping, because Thomas is intercepting communication to gain unauthorized access to sensitive information. The other options, such as Vishing, Phishing, and Dumpster diving, do not accurately describe the act of passively listening to communications to obtain credentials.