nerdexam
Cisco

210-255 · Question #166

Which HTTP header field is usually used in forensics to identify the type of browser used?

The correct answer is B. user-agent. The HTTP User-Agent header field contains a structured string identifying the browser application, version, and operating system, making it the primary artifact used in forensic investigations to determine what browser software made a given HTTP request.

Network Intrusion Analysis

Question

Which HTTP header field is usually used in forensics to identify the type of browser used?

Options

  • Aaccept-language
  • Buser-agent
  • Creferrer
  • Dhost

How the community answered

(18 responses)
  • B
    89% (16)
  • C
    6% (1)
  • D
    6% (1)

Why each option

The HTTP User-Agent header field contains a structured string identifying the browser application, version, and operating system, making it the primary artifact used in forensic investigations to determine what browser software made a given HTTP request.

Aaccept-language

The Accept-Language header conveys the human language preferences of the client user rather than any information about the browser type or version.

Buser-agentCorrect

The User-Agent header is included in every HTTP request and carries a standardized string describing the client browser name, version, rendering engine, and underlying operating system. Forensic analysts extract this field from web server access logs or packet captures to attribute web activity to specific browser versions or to detect anomalous clients such as malware using spoofed or unusual agent strings. It is the definitive HTTP header for browser fingerprinting and client software identification.

Creferrer

The Referer header contains the URL of the page that initiated the current request, providing navigational context but no data identifying the browser software itself.

Dhost

The Host header specifies the target server domain name to support virtual hosting and contains no information about the requesting client browser.

Concept tested: HTTP User-Agent header for browser forensics

Source: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/User-Agent

Topics

#HTTP headers#user-agent#browser identification#web forensics

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice