New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSNA Exam - Topic 5 Question 36 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 36
Topic #: 5
[All GSNA Questions]

Which of the following statements about invalidating a session is true?

Show Suggested Answer Hide Answer
Suggested Answer: A, D

The above configuration fragment will disable the following services from the router:

The BootP service

The DNS function

The Network Time Protocol

The Simple Network Management Protocol

Hyper Text Transfer Protocol


by Marjory at Nov 24, 2023, 04:09 PM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lorrine
3 months ago
Wait, are you saying getAttribute throws an exception on invalidated sessions? That seems weird!
upvoted 0 times
...
Kent
3 months ago
Totally agree with C, it's a common practice in web apps.
upvoted 0 times
...
Deandrea
3 months ago
A sounds off, how can you get creation time from an invalidated session?
upvoted 0 times
...
Gary
4 months ago
I think B is wrong, invalidate() is part of HttpSession, not HttpServletRequest.
upvoted 0 times
...
Derrick
4 months ago
C is definitely true, you can invalidate sessions both ways.
upvoted 0 times
...
Paola
4 months ago
I thought getCreationTime() could still be called even after a session is invalidated, but I'm not 100% confident about that.
upvoted 0 times
...
Vincent
4 months ago
I feel like we had a practice question about getAttribute() throwing exceptions, but I can't recall if it was specifically for invalidated sessions.
upvoted 0 times
...
Marion
4 months ago
I'm not entirely sure, but I remember something about the invalidate() method being part of the HttpSession interface, not HttpServletRequest.
upvoted 0 times
...
Coletta
5 months ago
I think option C sounds familiar because we discussed how sessions can be invalidated in different ways during our last class.
upvoted 0 times
...
Karol
5 months ago
I'm pretty confident I know the answer to this one. The getCreationTime() method can be called on an invalidated session, so I'll go with option A.
upvoted 0 times
...
Carol
5 months ago
Okay, I think I've got this. The key is to focus on the specific methods and interfaces mentioned in the options.
upvoted 0 times
...
Daisy
5 months ago
Hmm, I'm a bit confused about the difference between programmatic and deployment descriptor invalidation. I'll need to review that part.
upvoted 0 times
...
Ona
5 months ago
This question seems straightforward, but I want to make sure I understand the concepts fully before answering.
upvoted 0 times
...
Shawn
5 months ago
Okay, let's think this through. Remote wipe capabilities would be most useful in situations where the device is lost or stolen, to prevent unauthorized access to sensitive data.
upvoted 0 times
...
Louann
5 months ago
Okay, I think I've got this. The key is to identify the condition that is not required for the courts to accept the federal estate tax value.
upvoted 0 times
...
Lawrence
9 months ago
Hey, did you hear about the programmer who got their session invalidated? They were really steamed!
upvoted 0 times
Serina
8 months ago
B) The invalidate() method belongs to the HttpServletRequest interface.
upvoted 0 times
...
Micah
8 months ago
Really? I didn't know that!
upvoted 0 times
...
Bonita
8 months ago
C) A session can be invalidated programmatically as well as using the deployment descriptor.
upvoted 0 times
...
Jacki
8 months ago
A) The getCreationTime() method can be called on an invalidated session.
upvoted 0 times
...
...
Brandon
9 months ago
D) Throwing an IllegalArgumentException? That's just weird. Why would it do that on an invalidated session? This can't be right.
upvoted 0 times
...
Genevieve
9 months ago
C) This one sounds about right. Invalidating a session can be done programmatically or using the deployment descriptor. Seems like the correct answer to me.
upvoted 0 times
Vashti
8 months ago
C) A session can be invalidated programmatically as well as using the deployment descriptor.
upvoted 0 times
...
Hillary
8 months ago
B) The invalidate() method belongs to the HttpServletRequest interface.
upvoted 0 times
...
Jody
9 months ago
A) The getCreationTime() method can be called on an invalidated session.
upvoted 0 times
...
...
Edward
10 months ago
B) The invalidate() method on the HttpServletRequest? That's just nonsense. It's part of the HttpSession interface, not the request.
upvoted 0 times
Christiane
9 months ago
User 3: The invalidate() method on the HttpServletRequest? That's just nonsense. It's part of the HttpSession interface, not the request.
upvoted 0 times
...
Viola
9 months ago
User 2: A session can be invalidated programmatically as well as using the deployment descriptor.
upvoted 0 times
...
Latia
9 months ago
User 1: The getCreationTime() method can be called on an invalidated session.
upvoted 0 times
...
...
Dorsey
10 months ago
A) What? The session is invalidated, how can you call getCreationTime() on it? This one's gotta be wrong.
upvoted 0 times
Janet
9 months ago
D) I think option A is definitely incorrect. You can't call getCreationTime() on an invalidated session.
upvoted 0 times
...
Dominic
9 months ago
C) The invalidate() method is used to invalidate a session, not getCreationTime().
upvoted 0 times
...
Daniel
9 months ago
B) Yeah, I agree. It doesn't make sense to call getCreationTime() on an invalidated session.
upvoted 0 times
...
Tamala
10 months ago
A) What? The session is invalidated, how can you call getCreationTime() on it? This one's gotta be wrong.
upvoted 0 times
...
...
Eric
10 months ago
I'm not sure, but I think option D is incorrect because getAttribute() method does not throw an exception on an invalidated session.
upvoted 0 times
...
Nettie
10 months ago
I agree with Sherita, because you can invalidate a session programmatically or using the deployment descriptor.
upvoted 0 times
...
Sherita
11 months ago
I think the correct answer is C.
upvoted 0 times
...

Save Cancel