nerdexam
EC-Council

312-50V7 Question #7: Real Exam Question with Answer & Explanation

Question

Dan is conducting penetration testing and has found a vulnerability in a web application which gave him the sessionID token via a cross-site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

Options

  • A. Dan cannot spoof his IP address over TCP network
  • B. The scenario is incorrect as Dan can spoof his IP and get responses
  • C. The server will send replies back to the spoofed IP address
  • D. Dan can establish an interactive session only if he uses a NAT