a) To create new user sessions

b) To gain unauthorized access to active user sessions

c) To enhance system performance

d) To report security vulnerabilities

a) Cross-Site Scripting (XSS)

b) Brute force attacks

c) Phishing

d) Installing antivirus software

a) By ignoring the issue and hoping it goes away

b) By monitoring and analyzing user activities for suspicious behavior

c) By disabling all network services

d) By rebooting the server

a) Using easily guessable session tokens

b) Implementing strong authentication methods and encryption

c) Allowing unrestricted access to user sessions

d) Neglecting system updates

a) Ethical hackers are exempt from ethical guidelines when hijacking sessions for testing purposes.

b) Session hijacking should only be performed with explicit authorization in controlled environments.

c) Session hijacking is acceptable if it benefits the hacker's organization.

d) Session hijacking is always unethical, even in ethical hacking scenarios.