New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCIH Exam - Topic 7 Question 9 Discussion

Actual exam question for GIAC's GCIH exam
Question #: 9
Topic #: 7
[All GCIH Questions]

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values:

ItemID1=2

ItemPrice1=900

ItemID2=1

ItemPrice2=200

Modified cookie values:

ItemID1=2

ItemPrice1=1

ItemID2=1

ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Marjory at Dec 23, 2023, 01:10 AM

Limited Time Offer

25%

Off

Get Premium GCIH Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alexis
3 months ago
I don't think it's that simple, there must be more to it.
upvoted 0 times
...
Robt
3 months ago
Yup, classic example of cookie tampering.
upvoted 0 times
...
Denae
3 months ago
Wait, can you really change prices like that? Seems risky.
upvoted 0 times
...
Van
4 months ago
Totally agree, he's manipulating the cookie values!
upvoted 0 times
...
Kristian
4 months ago
This is definitely cookie poisoning.
upvoted 0 times
...
Harrison
4 months ago
I thought cross site scripting was more about injecting scripts into web pages, so I'm leaning towards cookie poisoning for this one.
upvoted 0 times
...
Martha
4 months ago
I remember practicing a question about cookie manipulation, and it was definitely called cookie poisoning.
upvoted 0 times
...
Corrinne
4 months ago
I'm not entirely sure, but it seems like it could also involve a man-in-the-middle attack since he's intercepting the data somehow.
upvoted 0 times
...
Jutta
5 months ago
I think this might be related to cookie poisoning since he's modifying the cookie values directly.
upvoted 0 times
...
Justine
5 months ago
I'm a little confused by all the technical details in this question. Cookie manipulation, item IDs, and price changes - it's a lot to take in. I'll have to read through it carefully and try to break down the key elements.
upvoted 0 times
...
Providencia
5 months ago
Ah, I see what's going on now. The attacker is manipulating the cookie data to get a lower price. This sounds like a classic cookie poisoning attack. I'm feeling good about selecting the right answer.
upvoted 0 times
...
Carli
5 months ago
Okay, let me think this through. The attacker is modifying the cookie values to change the item prices, so I'm guessing this is some kind of cookie-based attack. I'll have to weigh the options carefully.
upvoted 0 times
...
Beckie
5 months ago
Hmm, I'm a bit unsure about this one. The question mentions changing the cookie values, but I'm not sure which specific hacking technique that would be considered.
upvoted 0 times
...
Nichelle
5 months ago
This seems like a straightforward cookie manipulation attack. I'm pretty confident I can identify the right technique here.
upvoted 0 times
...
Jani
5 months ago
Hmm, I'm a bit unsure about this one. I'm not super familiar with Stackdriver, so I'll need to read through the options carefully. I'm leaning towards A or D, but I want to make sure I understand the differences between the approaches.
upvoted 0 times
...
Rodrigo
5 months ago
Hmm, this is a tricky one. I'm not entirely sure when benefits management should continue after a programme closes. I'll need to carefully review the options and think about the underlying principles.
upvoted 0 times
...
Silvana
5 months ago
Hmm, I'm a bit unsure about this. I know the command is related to Node Manager, but I can't remember the specifics. I'll have to review my notes on that topic before answering.
upvoted 0 times
...
Haley
10 months ago
Man-in-the-middle attack? Really? That's not even close to what's happening here. This is clearly a cookie poisoning scenario.
upvoted 0 times
Gertude
9 months ago
Yeah, you're right. It's definitely not a man-in-the-middle attack.
upvoted 0 times
...
Aide
10 months ago
I think it's cookie poisoning.
upvoted 0 times
...
Marshall
10 months ago
Yeah, it's definitely cookie poisoning. He's changing the prices before sending them to the server.
upvoted 0 times
...
Annamae
10 months ago
John is trying to manipulate the prices by changing the values in the cookie.
upvoted 0 times
...
...
Shawna
10 months ago
I'm not sure, but it sounds like Cookie poisoning to me too.
upvoted 0 times
...
Truman
10 months ago
I agree with Mila, changing the prices in the cookie is definitely Cookie poisoning.
upvoted 0 times
...
Yong
11 months ago
I'd go with option D, cookie poisoning. Changing the prices in the cookie is a pretty clever way to get a good deal, but it's not exactly ethical.
upvoted 0 times
Zona
10 months ago
User4: Yup, that's the hacking technique John is using.
upvoted 0 times
...
Raymon
10 months ago
User3: I think it's called cookie poisoning, right?
upvoted 0 times
...
Wava
10 months ago
User2: Yeah, it's definitely not ethical.
upvoted 0 times
...
Maxima
10 months ago
User1: That's sneaky, changing the prices in the cookie like that.
upvoted 0 times
...
...
Mila
11 months ago
I think John is performing Cookie poisoning.
upvoted 0 times
...
Nydia
11 months ago
This sounds like a classic case of cookie poisoning, where the attacker modifies the values in the cookie to manipulate the prices. It's a sneaky way to get a discount!
upvoted 0 times
...
Lilli
11 months ago
That's sneaky! It's important to always validate and sanitize user input to prevent such attacks.
upvoted 0 times
...
Maryann
11 months ago
Yeah, I agree. By changing the prices in the cookie, he is manipulating the data sent to the server.
upvoted 0 times
...
Sabra
11 months ago
I think John is performing a Cookie poisoning attack.
upvoted 0 times
...

Save Cancel