New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CertNexus ITS-110 Exam - Topic 5 Question 44 Discussion

Actual exam question for CertNexus's ITS-110 exam
Question #: 44
Topic #: 5
[All ITS-110 Questions]

A hacker enters credentials into a web login page and observes the server's responses. Which of the following attacks is the hacker attempting?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Brunilda at Sep 17, 2024, 07:51 AM

Limited Time Offer

25%

Off

Get Premium ITS-110 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Marva
3 months ago
Classic move, just testing the waters with those credentials!
upvoted 0 times
...
Stefania
3 months ago
Wait, are we sure it's not a buffer overflow? That seems plausible too.
upvoted 0 times
...
Jeniffer
4 months ago
Agree, it's account enumeration for sure!
upvoted 0 times
...
Vivienne
4 months ago
I think it's more about spear phishing. Seems off to me.
upvoted 0 times
...
Chauncey
4 months ago
Definitely account enumeration. That's how they check valid usernames.
upvoted 0 times
...
Freeman
4 months ago
I keep mixing up these attack types, but I don't think it's spear phishing since that usually involves emails, not web logins.
upvoted 0 times
...
Audra
5 months ago
I practiced a question similar to this, and I believe it's about account enumeration because the responses can indicate valid or invalid usernames.
upvoted 0 times
...
Merilyn
5 months ago
I'm not entirely sure, but I remember something about directory traversal being related to file access, so that doesn't seem right here.
upvoted 0 times
...
Judy
5 months ago
I think this might be account enumeration since the hacker is checking how the server responds to different credentials.
upvoted 0 times
...
Steffanie
5 months ago
Okay, I'm pretty confident this is an account enumeration attack. The hacker is just trying to see how the server responds to different login attempts to find valid usernames.
upvoted 0 times
...
Scot
5 months ago
I'm a bit confused on this one. Is a buffer overflow attack also a possibility if the hacker is trying to input malformed data into the login fields?
upvoted 0 times
...
Josphine
5 months ago
I think the key here is that the hacker is observing the server's responses to the login attempts. That points to an account enumeration attack, where they're trying to find valid usernames.
upvoted 0 times
...
Rikki
5 months ago
Hmm, I'm not totally sure about this one. Could it also be a directory traversal attack if the hacker is trying to access other parts of the web application through the login page?
upvoted 0 times
...
Jovita
5 months ago
This one seems pretty straightforward. The hacker is trying to see if the server responds differently to valid and invalid credentials, which would indicate an account enumeration attack.
upvoted 0 times
...
Sina
5 months ago
This looks like a straightforward question, I think I can handle it.
upvoted 0 times
...
Barney
1 year ago
I bet the hacker's password is 'password123'. That's the first thing I'd try.
upvoted 0 times
...
Dulce
1 year ago
Spear phishing? Really? This is clearly an attempt at account enumeration. The hacker is just fishing for valid usernames.
upvoted 0 times
Hayley
1 year ago
I agree, the hacker is trying to find valid usernames.
upvoted 0 times
...
Nicolette
1 year ago
Actually, I believe it's account enumeration.
upvoted 0 times
...
Sylvie
1 year ago
No, it's definitely spear phishing.
upvoted 0 times
...
Isidra
1 year ago
I think it's account enumeration.
upvoted 0 times
...
...
Mitsue
1 year ago
Nah, it's gotta be a buffer overflow. The hacker is probably trying to exploit a vulnerability in the login page's code.
upvoted 0 times
Julio
1 year ago
C: I agree with the user comment, it's most likely a buffer overflow attack to exploit a coding vulnerability.
upvoted 0 times
...
Quentin
1 year ago
B: No way, it's definitely directory traversal. They're trying to access files they shouldn't be able to.
upvoted 0 times
...
Jules
1 year ago
A: I think it's actually account enumeration. The hacker is trying to see if the credentials are valid.
upvoted 0 times
...
...
Janna
1 year ago
But wouldn't observing server responses be more related to account enumeration?
upvoted 0 times
...
Rozella
1 year ago
I disagree, I believe it's directory traversal.
upvoted 0 times
...
Jose
1 year ago
I think it's a directory traversal attack. The hacker is probably trying to access restricted directories on the server.
upvoted 0 times
...
Desire
1 year ago
Definitely account enumeration. The hacker is trying to guess valid usernames by observing the server's responses.
upvoted 0 times
Winfred
1 year ago
C: That makes sense, they're observing the server's responses.
upvoted 0 times
...
Demetra
1 year ago
B: Yeah, the hacker is trying to guess valid usernames.
upvoted 0 times
...
Josphine
1 year ago
A: I think it's account enumeration.
upvoted 0 times
...
...
Janna
1 year ago
I think the hacker is attempting account enumeration.
upvoted 0 times
...

Save Cancel