EC-Council
312-50V10 · Question #340
312-50V10 Question #340: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V10 to reveal the answer and full explanation for question #340. The question stem and answer options stay visible for context.
Hacking Web Applications
Question
An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price?
Options
- ABy using SQL injection
- BBy changing hidden form values
- CBy using cross site scripting
- DBy utilizing a buffer overflow attack
Unlock 312-50V10 to see the answer
You've previewed enough free 312-50V10 questions. Unlock 312-50V10 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#hidden form fields#web application attack#parameter tampering#price manipulation