Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GSNA Topic 5 Question 50 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 50
Topic #: 5
[All GSNA Questions]

Which of the following statements is true about the Digest Authentication scheme?

Show Suggested Answer Hide Answer
Suggested Answer: C, D

The getSession() method of the HttpServletRequest interface returns the current session associated with the request, or creates a new

session if no session exists. The method has two syntaxes as follows:

public HttpSession getSession(): This method creates a new session if it does not exist.

public HttpSession getSession(boolean create): This method becomes similar to the above method if create is true, and returns the

current session if create is false. It returns null if no session exists.

Answer B is incorrect. The getSession(false) method returns a pre-existing session. It returns null if the

client has no session

associated with it.

Answer A and E are incorrect. There is no such method as getNewSession() in Java.


by Tula at Jul 02, 2024, 05:19 AM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Carey
1 months ago
Shouldn't option C be 'The password is sent over the network in a tasty, plain-text format'? Yum, yum!
upvoted 0 times
Miss
7 days ago
User 3: D) It uses the base64 encoding encryption scheme.
upvoted 0 times
...
King
11 days ago
User 2: B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Theola
19 days ago
User 1: A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Wade
1 months ago
D is also incorrect. Digest authentication doesn't use base64 encoding, it uses a cryptographic hash function.
upvoted 0 times
Andra
13 days ago
D) It uses the base64 encoding encryption scheme.
upvoted 0 times
...
Alesia
15 days ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Merrilee
16 days ago
A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Trevor
2 months ago
C is definitely wrong. The whole point of digest authentication is to avoid sending the password in clear text.
upvoted 0 times
Geoffrey
9 days ago
C is definitely wrong. The whole point of digest authentication is to avoid sending the password in clear text.
upvoted 0 times
...
Sheron
26 days ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Martha
1 months ago
A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Pete
2 months ago
B is wrong - the username and password are only sent with the initial request, not every subsequent request.
upvoted 0 times
In
2 days ago
C) The password is sent over the network in clear text format.
upvoted 0 times
...
In
9 days ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
In
16 days ago
A) A valid In from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Sheridan
2 months ago
A seems like the correct answer. The digest authentication scheme uses a checksum to verify the user's credentials without sending the password in clear text.
upvoted 0 times
...
Carlton
2 months ago
I'm not sure, but I think the password being sent in clear text is a security risk.
upvoted 0 times
...
Ricarda
2 months ago
I disagree, I believe the answer is B.
upvoted 0 times
...
Craig
2 months ago
I think the correct answer is A.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77