A code review reveals a web application is using time-based cookies for session management. This is a security concern because time-based cookies are easy to:
Time-based cookies are considered to be a security concern because they are easy to GUESS and can potentially be used by attackers to gain access to a user's session.
Here's an example of a time based cookie: Set-Cookie: SESSION_ID=12345; Expires=Fri, 31 Dec 2022 23:59:59 GMT
I work in a SOC. Polled all of my colleagues on this question, including my director of Cybersecurity. Choose to answer C if you wish, but we're in agreement the answer is A here. They aren't easy to guess from the server side, they are easy to parameterize and manipulate further code injection with them
This section is not available anymore. Please use the main Exam Page.CS0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
bob12356
Highly Voted 2 years, 5 months ago2Fish
2 years, 1 month agoJakeH
Most Recent 1 year, 7 months agoBRIGADIER
2 years, 3 months agodavid124
2 years, 3 months agoTIM0088
2 years, 4 months ago