True.
Hijacking and spoofing are both techniques used in cybersecurity attacks, but they differ in terms of when the takeover occurs. Hijacking refers to the unauthorized takeover of an active and authenticated session or connection. In other words, the attacker gains control over an already established and legitimate session between two parties.
On the other hand, spoofing involves the creation of a false or fake identity to deceive the target system or user. It typically occurs at the beginning of a session or connection, where the attacker impersonates someone else or masquerades as a trusted entity.
Therefore, the statement is true. Hijacking occurs during an authenticated session, meaning that the attacker takes over an already established and authorized connection, while spoofing happens at the initiation of a session where the attacker pretends to be someone or something they are not.
Please mark this as the answer, Thank You!