
The SecOps Group CAP Exam - Topic 5 Question 100 Discussion

Actual exam question for The SecOps Group's CAP exam
Question #: 100
Topic #: 5

Based on the below HTTP request, which of the following statements is correct?

POST /changepassword HTTP/2
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Cookie: JSESSIONID=38RB5ECV10785B53AF29816E92E2E50
Content-Length: 95

new_password=usher!@22&confirm_password=usher!@22

Suggested Answer: C

The HTTP request is a POST to /changepassword with a session cookie (JSESSIONID) and parameters new_password and confirm_password. Let's evaluate each option:

Option A ('The change password feature does not validate the user'): The request includes a JSESSIONID cookie, which typically indicates that the user is authenticated via a session. There's no evidence that user validation is absent, so this is not correct.

Option B ('The change password feature uses basic authorization'): Basic authorization would involve an Authorization: Basic header with a Base64-encoded username and password, which is not present here. The authentication appears to be session-based (via cookie), not basic auth, so this is incorrect.

Option C ('The change password feature is vulnerable to Cross-Site Request Forgery attack'): Cross-Site Request Forgery (CSRF) occurs when a malicious site tricks a user's browser into making an unintended request to another site where the user is authenticated. This request lacks a CSRF token (e.g., a unique, unpredictable token in the request body or header) to verify the request's legitimacy. The Sec-Fetch-Site: same-origin header indicates the request is currently from the same origin, but this is a browser feature, not a server-side CSRF protection. Without a CSRF token, the endpoint is vulnerable to CSRF, as an attacker could craft a malicious form on another site to submit this request on behalf of the user. This is the correct answer.

Option D ('All of the above'): Since A and B are incorrect, D cannot be correct.

The correct answer is C, aligning with the CAP syllabus under 'Cross-Site Request Forgery (CSRF)' and 'OWASP Top 10 (A08:2021 - Software and Data Integrity Failures).'
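
The server-side check that the explanation for option C says is missing, as an added example (not code from the exam or from this site): it binds a token to the JSESSIONID and rejects the question's request because it carries none. The field name csrf_token, the header X-CSRF-Token, the HMAC construction and SERVER_KEY are assumptions.

```python
import hashlib
import hmac
from urllib.parse import parse_qs

SERVER_KEY = b"constructed-demo-key"  # assumption: secret held only by the server
SESSION_ID = "38RB5ECV10785B53AF29816E92E2E50"  # JSESSIONID value from the question
PAGE_REQUEST = (  # the question's request, reduced to the headers this check reads
    "POST /changepassword HTTP/2\n"
    "Host: example.com\n"
    "Sec-Fetch-Site: same-origin\n"
    f"Cookie: JSESSIONID={SESSION_ID}\n"
    "\n"
    "new_password=usher!@22&confirm_password=usher!@22"
)

def csrf_token_for(session_id: str) -> str:
    """Session-bound token: HMAC-SHA256(server key, session id). Assumed scheme."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def parse_request(raw: str):
    """Split a raw text request into lower-cased headers and form fields."""
    head, _, body = raw.partition("\n\n")
    headers = {}
    for line in head.splitlines()[1:]:  # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    form = {k: v[0] for k, v in parse_qs(body.strip()).items()}
    return headers, form

def session_id_from(headers: dict):
    for part in headers.get("cookie", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "JSESSIONID":
            return value
    return None

def check_state_change(raw: str) -> str:
    """Decide whether a state-changing request may proceed."""
    headers, form = parse_request(raw)
    sid = session_id_from(headers)
    if sid is None:
        return "reject: no session"
    # Sec-Fetch-Site is sent by the browser; use it as an extra signal, not the control.
    if headers.get("sec-fetch-site", "same-origin") not in ("same-origin", "none"):
        return "reject: cross-site request"
    supplied = form.get("csrf_token") or headers.get("x-csrf-token", "")
    if not hmac.compare_digest(supplied.encode(), csrf_token_for(sid).encode()):
        return "reject: missing or invalid CSRF token"
    return "allow"
```

Calling check_state_change(PAGE_REQUEST) rejects the request as shown in the question; appending the session-bound token to the body is what makes the same request pass.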


Contribute your Thoughts:

Stevie
1 month ago
Overall, D covers all bases. Better safe than sorry!
upvoted 0 times
...
Cristy
2 months ago
But what about B? Basic auth could be implied.
upvoted 0 times
...
Rebbeca
2 months ago
I agree with Makeda. Validation is crucial for security.
upvoted 0 times
...
Laurel
2 months ago
Option C stands out. CSRF is a real concern here.
upvoted 0 times
...
Leonard
2 months ago
I feel like D is the best choice. All points seem valid.
upvoted 0 times
...
Makeda
2 months ago
I think option A is correct. No user validation shown.
upvoted 0 times
...
Eladia
2 months ago
Definitely needs better security measures!
upvoted 0 times
...
Merissa
3 months ago
Wait, are we sure about D? That seems too broad.
upvoted 0 times
...
Jani
3 months ago
C seems likely, CSRF is a common issue.
upvoted 0 times
...
Britt
3 months ago
I disagree, it could validate in the backend.
upvoted 0 times
...
Alisha
4 months ago
A looks correct, no user validation shown.
upvoted 0 times
...
Felix
4 months ago
I'm feeling a bit hungry, anyone else want to grab a snack after this exam? Oh, and the answer is C, by the way.
upvoted 0 times
...
Dong
4 months ago
C) is the way to go. Gotta watch out for those CSRF attacks, they can be a real pain.
upvoted 0 times
...
Gregg
4 months ago
Haha, I bet the developer who wrote this code was having a bad day. C) is definitely the right answer.
upvoted 0 times
...
Shaunna
4 months ago
Wow, this is a tricky one. I'd say C) is the correct answer. That CSRF attack is a real security risk.
upvoted 0 times
...
Tegan
4 months ago
Could it be D? I feel like all these issues could be present, but I need to double-check my notes on that.
upvoted 0 times
...
Abraham
5 months ago
I think we had a practice question about CSRF vulnerabilities, and this request might be susceptible since it doesn't show any anti-CSRF tokens.
upvoted 0 times
...
Nickole
5 months ago
I’m not sure about B; I thought basic authorization was more about sending credentials in headers, not in the body like this.
upvoted 0 times
...
Abraham
5 months ago
I remember we discussed how important user validation is in password change requests, so A seems likely.
upvoted 0 times
...
Izetta
5 months ago
The request body contains the new and confirm passwords, so it's clear the application is not using basic auth. I'll need to think about how the application is validating those passwords and whether there are any weaknesses in that process.
upvoted 0 times
...
Dorian
5 months ago
C) The change password feature is vulnerable to Cross-Site Request Forgery attack. That's a classic CSRF vulnerability right there.
upvoted 0 times
...
Dino
6 months ago
This is a good opportunity to apply my knowledge of common web application security vulnerabilities. I'll carefully analyze each part of the request to identify any potential issues, like weak password requirements or lack of CSRF protection.
upvoted 0 times
...
Floyd
6 months ago
Aha, the request includes a cookie, which means the application is using session-based authentication. I'll need to consider the implications of that for potential CSRF vulnerabilities.
upvoted 0 times
...
Beckie
6 months ago
Hmm, the request is using HTTP/2 and includes some security-related headers like Sec-Fetch-*. I'll need to dig deeper into what those mean and how they might impact the security of the change password feature.
upvoted 0 times
...
Miss
6 months ago
This looks like a typical change password request. I'd focus on analyzing the request headers and parameters to identify any potential security issues.
upvoted 0 times
Alva
20 days ago
All options seem concerning, especially D.
upvoted 0 times
...
Toi
25 days ago
True, no user validation is visible.
upvoted 0 times
...
Colene
1 month ago
I think it could be vulnerable to CSRF.
upvoted 0 times
...
Loren
1 month ago
Yeah, but what about security?
upvoted 0 times
...
Gracia
5 months ago
Looks like a standard request.
upvoted 0 times
...
...
