[&] How does session fixation typically occur?
- Through the use of strong encryption protocols
- By predicting the user's next actions
- By luring the victim into using a fixed session token
- Through interception of encrypted traffic

[&] How might an attacker gain access to a session token via cross-site scripting?
- By using two-factor authentication
- By injecting malicious JavaScript into the web application
- By guessing the token value
- By intercepting traffic over a secured network

[&] What could be a consequence of session hijacking?
- Denial of Service
- Legal liability for the attacker
- Data theft
- Network congestion

[&] What is session hijacking?
- A method to predict session tokens
- A process to securely transmit session data
- A means to fix session identifiers to known values
- An attack where an attacker takes over a user's active session

[&] What is session fixation?
- An attack where an attacker takes over a session through a known token value
- A process of decoding session tokens
- A vulnerability related to insufficient token randomness
- A method for encrypting user data

[&] Which technique involves predicting a session token due to insufficient randomness?
- Cross-site scripting
- Session prediction
- Session fixation
- Traffic sniffing