How the clients’ accounts were compromised?

– by 0

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company’s API server. A portion of a capture file is shown below:
POST /services/v1_0/Public/Members.svc/soap 192.168.1.22 – – api.somesite.com 200 0 1006 1001 0 192.168.1.22
POST /services/v1_0/Public/Members.svc/soap <Password123 [email protected] 192.168.5.66 – – api.somesite.com 200 0 11558 1712 2024 192.168.4.89
POST /services/v1_0/Public/Members.svc/soap 516.7.446.605 192.168.1.22 – – api.somesite.com 200 0 1003 1011 307 192.168.1.22
POST /services/v1_0/Public/Members.svc/soap kmL4krg2CwwWBan5BReGv5Djb7syxXTNKcWFuSjd0161222 4”1=113026046 192.168.5.66 – – api.somesite.com 200 0 1378 1209 48 192.168.4.89 Which of the following MOST likely explains how the clients’ accounts were compromised?
A. The clients’ authentication tokens were impersonated and replayed.
B. The clients’ usernames and passwords were transmitted in cleartext.
C. An XSS scripting attack was carried out on the server.
D. A SQL injection attack was carried out on the server.

CS0-002: CompTIA CySA+ Exam

FULL Printable PDF and Software. VALID exam to help you PASS.
comptia-exams

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.