Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

GIAC Exam GPEN Topic 9 Question 54 Discussion

Actual exam question for GIAC's GPEN exam

Question #: 54
Topic #: 9

[All GPEN Questions]

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate Cross-Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

AReview the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

BLook at the Web servers logs and normal traffic logging.

CUse a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

DUse Wireshark to capture traffic going to the server and then searching for the requests going to the input page, which may give log of the malicious traffic and the IP address of the source.

Show Suggested Answer

Suggested Answer: C

by Leslee at Aug 06, 2024, 09:14 AM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Sabrina

3 months ago

Wait, is this a test or a spy novel? Either way, I'm game to play the part of the hacking investigator.

upvoted 0 times

Valentin

2 months ago

C) Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

upvoted 0 times

...

Leonora

2 months ago

B) Look at the Web servers logs and normal traffic logging.

upvoted 0 times

...

Antonio

3 months ago

A) Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

upvoted 0 times

...

...

Tanesha

4 months ago

This is like a choose-your-own-adventure for cybersecurity nerds! I'm ready to crack the case.

upvoted 0 times

Keneth

2 months ago

C) Use a Web proxy to view the Web server transactions in real time and investigate any communication with outside servers.

upvoted 0 times

...

Erick

3 months ago

B) Look at the Web servers logs and normal traffic logging.

upvoted 0 times

...

Gaynell

3 months ago

A) Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

upvoted 0 times

...

...

Clement

4 months ago

Cross-Site Scripting, huh? Time to dust off my web forensics skills and get to work.

upvoted 0 times

...

Yasuko

4 months ago

Hmm, let's see... A, B, C, and D? Gotta love a question that keeps us on our toes!

upvoted 0 times

Catrice

3 months ago

B) Look at the Web servers logs and normal traffic logging.

upvoted 0 times

...

Elliott

3 months ago

A) Review the source of any HTML-formatted e-mail messages for embedded scripts or links in the URL to the company's site.

upvoted 0 times

...

...

Alfred

4 months ago

Wow, this is a tricky one! I'm gonna have to put on my detective hat for this one.

upvoted 0 times

...

Dante

4 months ago

Using Wireshark to capture traffic going to the server sounds like a good idea too.

upvoted 0 times

...

Natalie

4 months ago

I agree with Lonna, looking at the Web servers logs is also important.

upvoted 0 times

...

Lonna

4 months ago

I think we should review the source of any HTML-formatted e-mail messages.

upvoted 0 times

...