GAQM Exam CFA-001 Topic 4 Question 58 Discussion

Actual exam question for GAQM's CFA-001 exam

Question #: 58
Topic #: 4

Attacker uses vulnerabilities in the authentication or session management functions such as exposed accounts, session IDs, logout, password management, timeouts, remember me. secret question, account update etc. to impersonate users, if a user simply closes the browser without logging out from sites accessed through a public computer, attacker can use the same browser later and exploit the user's privileges. Which of the following vulnerability/exploitation is referred above?

ASession ID in URLs

BTimeout Exploitation

CI/O exploitation

DPassword Exploitation

Show Suggested Answer

Suggested Answer: A

by Lashandra at Dec 06, 2022, 01:44 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Starr

5 days ago

This is a tricky one. The question covers a lot of ground, but I'm going to have to go with D) Password Exploitation. Exposed accounts and weak password management can really open the door for impersonation attacks.

upvoted 0 times

...

Mitsue

12 days ago

Hmm, I'm not sure. The question mentions a lot of different vulnerabilities, but I think the one being referred to is A) Session ID in URLs. That's a pretty sneaky way for an attacker to impersonate a user.

upvoted 0 times

...

Mari

18 days ago

Ah, this is a classic case of session management vulnerabilities. I'd say the answer is B) Timeout Exploitation. Leaving the browser open without logging out is a common mistake that can leave users vulnerable.

upvoted 0 times