nerdexam
ExamsGCIHQuestions#700
GIAC

GCIH · Question #700

GCIH Question #700: Real Exam Question with Answer & Explanation

The correct answer is C: This is a session hijacking attack. See the full explanation below for the reasoning.

Question

During the identification phase of a Web server compromise, you notice the following entries in the web server logs. If "admin" is a valid username, but its corresponding password is not "pass1", and "root" is not a valid username, what can you infer solely from these logs?

Exhibit

GCIH question #700 exhibit

Options

  • AThis is a web spidering attack using wget
  • BThis is an account harvesting attack
  • CThis is a session hijacking attack
  • DThis is a password brute-forcing attack

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice
During the identification phase of a Web server compromise, you... | GCIH Q#700 Answer | NerdExam