ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 412-79v8 All Questions

View all questions & answers for the 412-79v8 exam
Go to Exam

Exam 412-79v8 topic 1 question 86 discussion

Actual exam question from ECCouncil's 412-79v8
Question #: 86
Topic #: 1
[All 412-79v8 Questions]

If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?

  • A. Parameter tampering Attack
  • B. Sql injection attack
  • C. Session Hijacking
  • D. Cross-site request attack
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
by Mijesiv at Jan. 14, 2020, 10:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TCW
4 years, 10 months ago
C is the correct Answer according to ECSAv10. If HTTP cookies are being used as the transmission mechanism for session tokens and the secure flag is not set, attackers can replay the cookie to gain unauthorized access to the application. Attackers can use session cookies to perform session hijacking, session replay, and Man-in-the-Middle attacks
upvoted 1 times
...
Mijesiv
5 years, 6 months ago
should be session hijacking. The alternative name for session hijacking is "Cookie Hijacking"
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel