EC-Council
EC0-350 · Question #147
EC0-350 Question #147: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #147. The question stem and answer options stay visible for context.
Question
Bank of Timbuktu is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser. John Stevens is in charge of information security at Bank of Timbuktu. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank's customers had been changed! However, money hasn't been removed from the bank; instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application's logs and found the following entries: What kind of attack did the Hacker attempt to carry out at the bank?
Exhibit
Options
- ABrute force attack in which the Hacker attempted guessing login ID and password from password
- BThe Hacker attempted Session hijacking, in which the Hacker opened an account with the bank,
- CThe Hacker used a generator module to pass results to the Web server and exploited Web application
- DThe Hacker first attempted logins with suspected user names, then used SQL Injection to gain access
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.