Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Eccouncil Exam 312-50v11 Topic 2 Question 66 Discussion

Actual exam question for Eccouncil's 312-50v11 exam
Question #: 66
Topic #: 2
[All 312-50v11 Questions]

Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, which requests users to feed data and specifies the incorrect field in case of invalid credentials. Later, Calvin uses this information to perform social engineering.

Which of the following design flaws in the authentication mechanism is exploited by Calvin?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Gianna
6 months ago
I think it's Password reset mechanism that Calvin is exploiting, as he might be using the usernames to reset passwords.
upvoted 0 times
...
Sommer
7 months ago
User impersonation allows a hacker to pretend to be someone else, so that could be a possibility too.
upvoted 0 times
...
Quiana
7 months ago
But could it also be User impersonation that Calvin is exploiting in this scenario?
upvoted 0 times
...
Cherrie
7 months ago
I agree with Sommer, revealing which field is incorrect can help Calvin with social engineering.
upvoted 0 times
...
Sommer
7 months ago
I think Calvin is exploiting the Verbose failure messages.
upvoted 0 times
...

Save Cancel