GIAC
GCIH · Question #503
GCIH Question #503: Real Exam Question with Answer & Explanation
Sign in or unlock GCIH to reveal the answer and full explanation for question #503. The question stem and answer options stay visible for context.
Web Application Attacks & Post-Exploitation
Question
What step would mitigate the risk of the specific type of the web attack that produced the web server logs presented below?
Exhibit
Options
- AHTTPS should be used instead of HTTP
- BThe root account should not be available via a web interface
- CUsers should not share the same password
- DAuthentication error messages must be consistent
- EThe application should require stronger passwords
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#authentication enumeration#error message consistency#brute force detection#web server logs