GIAC
GPEN · Question #12
GPEN Question #12: Real Exam Question with Answer & Explanation
Sign in or unlock GPEN to reveal the answer and full explanation for question #12. The question stem and answer options stay visible for context.
Question
Which of the following are the limitations for the cross site request forgery (CSRF) attack? Each correct answer represents a complete solution. Choose all that apply.
Options
- AThe target site should have limited lifetime authentication cookies.
- BThe attacker must target a site that doesn't check the referrer header.
- CThe target site should authenticate in GET and POST parameters, not only cookies.
- DThe attacker must determine the right values for all the form inputs.
Unlock GPEN to see the answer
You've previewed enough free GPEN questions. Unlock GPEN for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.