What is a replay attack?
D2 ยท Threats ยท CompTIA Security+ SY0-701A replay attack occurs when an attacker captures valid authentication data (tokens, session cookies, hashed credentials) and retransmits it later to gain unauthorized access โ without needing to know the actual password.
Prevention: nonces (number used once โ each request has a unique value), timestamps (reject old requests), session tokens with expiry, sequence numbers.
Prevention: nonces (number used once โ each request has a unique value), timestamps (reject old requests), session tokens with expiry, sequence numbers.
Kerberos uses timestamps to prevent replay attacks (clocks must be within 5 minutes). TLS prevents replay via sequence numbers. If you see "nonce" or "timestamp" in an answer choice about replay โ that's usually correct.