GIAC GSNA Exam - Topic 5 Question 50 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 50
Topic #: 5

Which of the following statements is true about the Digest Authentication scheme?

Suggested Answer: C, D

The getSession() method of the HttpServletRequest interface returns the current session associated with the request, or creates a new session if no session exists. The method has two syntaxes as follows:

public HttpSession getSession(): This method creates a new session if it does not exist.

public HttpSession getSession(boolean create): This method becomes similar to the above method if create is true, and returns the current session if create is false. It returns null if no session exists.

Answer B is incorrect. The getSession(false) method returns a pre-existing session. It returns null if the client has no session associated with it.

Answer A and E are incorrect. There is no such method as getNewSession() in Java.


Contribute your Thoughts:

Earnestine
3 months ago
D is wrong, base64 isn't encryption, just encoding.
upvoted 0 times
...
Valentin
3 months ago
Wait, I thought passwords were sent in clear text? That's wild!
upvoted 0 times
...
Jonell
3 months ago
B is misleading, passwords aren't sent every time.
upvoted 0 times
...
Queenie
4 months ago
Totally agree, A is the way to go.
upvoted 0 times
...
Eve
4 months ago
A is correct, it includes a checksum!
upvoted 0 times
...
Youlanda
4 months ago
I feel like option B is misleading because I know Digest Authentication is supposed to send credentials only once, but I can't recall the details.
upvoted 0 times
...
Hildred
4 months ago
I’m a bit confused about the base64 encoding part in option D. I thought it was just a way to encode data, not an encryption scheme.
upvoted 0 times
...
Marnie
4 months ago
I remember practicing a question about Digest Authentication, and I think it definitely doesn’t send the password in clear text, so C seems wrong.
upvoted 0 times
...
Natalya
5 months ago
I think option A sounds familiar, but I'm not entirely sure if it includes all those elements in the checksum.
upvoted 0 times
...
Jarod
5 months ago
Ah, I remember this from the lecture! Digest Authentication includes a checksum of the username, password, and other request details to verify the client's identity. So A is the correct answer. Glad I could recall that detail.
upvoted 0 times
...
Dorthy
5 months ago
Hmm, I'm a bit unsure about this. I know Digest Authentication is supposed to be more secure than Basic Authentication, but I can't recall the exact details. I'll have to think this through carefully.
upvoted 0 times
...
Eugene
5 months ago
I'm pretty confident about this one. I remember learning that Digest Authentication uses a checksum to verify the client's response, so I'll go with option A.
upvoted 0 times
...
Hobert
5 months ago
Okay, let's see. I know Digest Authentication doesn't send the password in clear text, so option C is definitely wrong. And I don't think it uses base64 encoding, so D is probably not correct either. I'll go with B for now, but I'm not 100% sure.
upvoted 0 times
...
Shanda
5 months ago
Okay, let's see. The question is asking about how Palo Alto Networks' VM orchestration helps service providers provision security instances and policies. I think the Aperture Orchestration Engine and the fully instrumented API are the two key features that enable this.
upvoted 0 times
...
Veta
5 months ago
Okay, the key is to identify the two true statements. I'll carefully read through each option and eliminate the ones that are false.
upvoted 0 times
...
Carey
9 months ago
Shouldn't option C be 'The password is sent over the network in a tasty, plain-text format'? Yum, yum!
upvoted 0 times
Miss
8 months ago
User 3: D) It uses the base64 encoding encryption scheme.
upvoted 0 times
...
King
9 months ago
User 2: B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Theola
9 months ago
User 1: A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Wade
9 months ago
D is also incorrect. Digest authentication doesn't use base64 encoding, it uses a cryptographic hash function.
upvoted 0 times
Andra
9 months ago
D) It uses the base64 encoding encryption scheme.
upvoted 0 times
...
Alesia
9 months ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Merrilee
9 months ago
A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Trevor
10 months ago
C is definitely wrong. The whole point of digest authentication is to avoid sending the password in clear text.
upvoted 0 times
Geoffrey
9 months ago
C is definitely wrong. The whole point of digest authentication is to avoid sending the password in clear text.
upvoted 0 times
...
Sheron
9 months ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
Martha
9 months ago
A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Pete
10 months ago
B is wrong - the username and password are only sent with the initial request, not every subsequent request.
upvoted 0 times
In
8 months ago
C) The password is sent over the network in clear text format.
upvoted 0 times
...
In
9 months ago
B) In this authentication scheme, the username and password are passed with every request, not just when the user first types them.
upvoted 0 times
...
In
9 months ago
A) A valid response from the client contains a checksum of the username, the password, the given random value, the HTTP method, and the requested URL.
upvoted 0 times
...
...
Sheridan
10 months ago
A seems like the correct answer. The digest authentication scheme uses a checksum to verify the user's credentials without sending the password in clear text.
upvoted 0 times
...
Carlton
10 months ago
I'm not sure, but I think the password being sent in clear text is a security risk.
upvoted 0 times
...
Ricarda
10 months ago
I disagree, I believe the answer is B.
upvoted 0 times
...
Craig
10 months ago
I think the correct answer is A.
upvoted 0 times
...