Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM Exam CFA-001 Topic 4 Question 58 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 58
Topic #: 4
[All CFA-001 Questions]

Attacker uses vulnerabilities in the authentication or session management functions such as exposed accounts, session IDs, logout, password management, timeouts, remember me. secret question, account update etc. to impersonate users, if a user simply closes the browser without logging out from sites accessed through a public computer, attacker can use the same browser later and exploit the user's privileges. Which of the following vulnerability/exploitation is referred above?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Lashandra at Dec 06, 2022, 01:44 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Mitsue
3 days ago
Hmm, I'm not sure. The question mentions a lot of different vulnerabilities, but I think the one being referred to is A) Session ID in URLs. That's a pretty sneaky way for an attacker to impersonate a user.
upvoted 0 times
...
Mari
9 days ago
Ah, this is a classic case of session management vulnerabilities. I'd say the answer is B) Timeout Exploitation. Leaving the browser open without logging out is a common mistake that can leave users vulnerable.
upvoted 0 times
...
Evette
10 days ago
I believe Timeout Exploitation is also a potential vulnerability, as not setting proper timeouts can leave a user's session open for exploitation.
upvoted 0 times
...
Jaime
11 days ago
I agree with Kip, because if the session ID is exposed, an attacker can easily impersonate users.
upvoted 0 times
...
Kip
14 days ago
I think the vulnerability/exploitation referred above is Session ID in URLs.
upvoted 0 times
...

Save Cancel