GCIH Question #433: Real Exam Question with Answer & Explanation
Web Application Attacks & Post-Exploitation
Question
Many of your company's customers have been complaining that their web forum accounts have been compromised, so you have been asked to investigate. After creating an account as a normal user and logging into the application, you attempt to add a new post and you intercept the request that your browser sends to the web server using WebScarab. This intercepted request is displayed below. Which measure would you propose to prevent application-level manipulation of the accounts from the end-user?

User-Agent: Opera/9.80 (X11; Linux x86_64; U; en) Presto/2.8.131 Version/11.11
Host: 192.168.56.101
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US, en;q=0.9
Accept-Encoding: gzip, deflate
Cookie: SESSIONID=1232; logged_in=1; user_id=123
Proxy-Connection: Keep-Alive
Options
- A. Apply a timestamp within the SESSIONID variable and digitally sign or hash it to ensure its
- B. Use POST instead of GET requests, to avoid sending parameters in URLs that can be
- C. Enforce SSL encryption to prevent sniffing of the users' credentials.
- D. Use client-side filtering of user-supplied data to prevent tampered input from reaching the server.
Topics
session ID, digital signing, session hijacking, web application security