GIAC Exam GCIH Topic 7 Question 9 Discussion

Actual exam question for GIAC's GCIH exam

Question #: 9
Topic #: 7

[All GCIH Questions]

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values:

ItemID1=2

ItemPrice1=900

ItemID2=1

ItemPrice2=200

Modified cookie values:

ItemID1=2

ItemPrice1=1

ItemID2=1

ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

AComputer-based social engineering

BMan-in-the-middle attack

CCross site scripting

DCookie poisoning

Show Suggested Answer

Suggested Answer: C

by Marjory at Dec 23, 2023, 01:10 AM

Limited Time Offer

25%

Off

Get Premium GCIH Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Haley

4 days ago

Man-in-the-middle attack? Really? That's not even close to what's happening here. This is clearly a cookie poisoning scenario.

upvoted 0 times

...

Shawna

4 days ago

I'm not sure, but it sounds like Cookie poisoning to me too.

upvoted 0 times

...

Truman

5 days ago

I agree with Mila, changing the prices in the cookie is definitely Cookie poisoning.

upvoted 0 times

...

Yong

7 days ago

I'd go with option D, cookie poisoning. Changing the prices in the cookie is a pretty clever way to get a good deal, but it's not exactly ethical.

upvoted 0 times

...

Mila

9 days ago

I think John is performing Cookie poisoning.

upvoted 0 times

...

Nydia

10 days ago

This sounds like a classic case of cookie poisoning, where the attacker modifies the values in the cookie to manipulate the prices. It's a sneaky way to get a discount!

upvoted 0 times

...