What is a side-channel attack that retrieves sensitive information by measuring the response time of the server?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $24.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

What is a side-channel attack that retrieves sensitive information by measuring the response time of the server?

Timing side-channel attacks exploit differences in how long operations take to reveal secrets. In a web context, an attacker sends requests and measures the server’s response times, using the latency differences to infer information processed by the server (such as whether a username exists or how far a check has progressed). This specific approach, done over HTTP to a web server, is called a web-based timing attack. Cookies are just data stored by the browser, not an attack method. A Direct Timing Attack targets timing of a cryptographic operation itself, usually in a local or hardware context. A Cross-site Timing Attack implies timing analysis across origins, which isn’t required here. So the best description is a web-based timing attack.

What is a side-channel attack that retrieves sensitive information by measuring the response time of the server?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

What is a side-channel attack that retrieves sensitive information by measuring the response time of the server?

Get the latest from Passetra