GIAC Exam GSNA Topic 5 Question 50 Discussion

Actual exam question for GIAC's GSNA exam

Question #: 50
Topic #: 5

[All GSNA Questions]

Which of the following statements is true about the Digest Authentication scheme?

AA valid response from the client contains a checksum of the username, the password, the
given random value, the HTTP method, and the requested URL.

BIn this authentication scheme, the username and password are passed with every request,
not just when the user first types them.

CThe password is sent over the network in clear text format.

DIt uses the base64 encoding encryption scheme.

Show Suggested Answer

Suggested Answer: C, D

The getSession() method of the HttpServletRequest interface returns the current session associated with the request, or creates a new

session if no session exists. The method has two syntaxes as follows:

public HttpSession getSession(): This method creates a new session if it does not exist.

public HttpSession getSession(boolean create): This method becomes similar to the above method if create is true, and returns the

current session if create is false. It returns null if no session exists.

Answer B is incorrect. The getSession(false) method returns a pre-existing session. It returns null if the

client has no session

associated with it.

Answer A and E are incorrect. There is no such method as getNewSession() in Java.

by Tula at Jul 02, 2024, 05:19 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

2 days ago

I'm not sure, but I think the password being sent in clear text is a security risk.

upvoted 0 times

...

4 days ago

I disagree, I believe the answer is B.

upvoted 0 times

...

5 days ago

I think the correct answer is A.

upvoted 0 times

...