Cookie Snooping is primarily used for what purpose?

• A. Used to analyze users' surfing habits and sell that info to other attackers.
• B. Encrypt cookies to protect privacy.
• C. Prevent CSRF.
• D. Track login attempts.

Answer: (A)

Cookie snooping is about unauthorized access to the data stored in browser cookies, which can reveal a user’s online behavior and, if a session token is stored there, enable session hijacking. The main goal in such snooping is to harvest information about surfing habits and often to monetize it by selling it to advertisers or other attackers. Encrypting cookies would protect privacy, so that option describes a defense, not the snooping activity itself. CSRF prevention is a separate security concern, and while cookie data can influence many attacks, snooping is primarily about gathering information, not preventing CSRF. Tracking login attempts can occur as a side effect, but it isn’t the primary purpose of cookie snooping.