Computer Hacking Forensic Investigator (CHFI) Practice Exam 2025 - Free CHFI Practice Questions and Comprehensive Study Guide

The correct term for when an attacker changes their IP address to impersonate another user is IP address spoofing. This technique involves the attacker forging the source IP address of their packets to make it appear as though they are sending data from a trusted source. By doing this, attackers can bypass various security measures and gain unauthorized access to systems, as the recipient may trust the fake IP address.

IP address spoofing is commonly used in various types of attacks, including Distributed Denial of Service (DDoS) attacks and certain types of network reconnaissance. This method exploits the inherent trust that network devices have for the source IP address in packet headers.

The other options refer to different types of malicious activity that do not involve changing an IP address to impersonate users. For instance, a man-in-the-middle attack involves intercepting and potentially altering communication between two parties without their knowledge, rather than impersonating them with a fake IP address. Denial of Service attacks focus on overwhelming a target system with traffic, and session sniffing involves capturing and analyzing data packets from a session to extract information rather than masquerading as another user.