GIAC Exam GSNA Topic 4 Question 68 Discussion

Actual exam question for GIAC's GSNA exam

Question #: 68
Topic #: 4

[All GSNA Questions]

Which of the following are the limitations for the cross site request forgery (CSRF) attack?

Each correct answer represents a complete solution. Choose all that apply.

AThe attacker must determine the right values for all the form inputs.

BThe attacker must target a site that doesn't check the referrer header.

CThe target site should have limited lifetime authentication cookies.

DThe target site should authenticate in GET and POST parameters, not only cookies.

Show Suggested Answer

Suggested Answer: D

In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be allowed to log in.

Answer B is incorrect. In Unix, the /etc/ioports file shows which I/O ports are in use at the moment.

Answer A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services that the system supports.

Answer C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in use and how many of each

there has been.

by Tarra at Mar 20, 2025, 03:09 PM

Limited Time Offer

25%

1 months ago

I think the limitations for CSRF attack include A and C.

upvoted 0 times

...