nerdexam
ExamsGCIHQuestions#324
GIAC

GCIH · Question #324

GCIH Question #324: Real Exam Question with Answer & Explanation

Sign in or unlock GCIH to reveal the answer and full explanation for question #324. The question stem and answer options stay visible for context.

Web Application Attacks & Post-Exploitation

Question

Which of the following are the limitations for the cross site request forgery (CSRF) attack? Each correct answer represents a complete solution. Choose all that apply.

Options

  • AThe attacker must determine the right values for all the form inputs.
  • BThe attacker must target a site that doesn't check the referrer header.
  • CThe target site should have limited lifetime authentication cookies.
  • DThe target site should authenticate in GET and POST parameters, not only cookies.

Unlock GCIH to see the answer

You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock GCIH - $49.99 / 30 daysSign in

Topics

#CSRF#referrer header#authentication cookies#form input validation
Full GCIH Practice