GIAC
GCIH · Question #440
GCIH Question #440: Real Exam Question with Answer & Explanation
Sign in or unlock GCIH to reveal the answer and full explanation for question #440. The question stem and answer options stay visible for context.
Web Application Attacks & Post-Exploitation
Question
You are investigating a potential web server compromise involving user authentication. During the identification phase, you examine the web server log file and find thousands of lines like the one displayed below. Based on the log file information, what kind of attack is this? bin/gr.cgi? '%2bdocument.cookie;</SCRIPT>
Options
- AThis attack can lead to session hijacking
- BThis attack pops-up a dialog box displaying the user's cookie
- CThis attack directly leads to server-side data leakage
- DThis attack redirects the user to the attacker's site
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#XSS#cross-site scripting#cookie theft#session hijacking