BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 312-50v11 Topic 2 Question 66 Discussion

Actual exam question for Eccouncil's 312-50v11 exam
Question #: 66
Topic #: 2
[All 312-50v11 Questions]

Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, which requests users to feed data and specifies the incorrect field in case of invalid credentials. Later, Calvin uses this information to perform social engineering.

Which of the following design flaws in the authentication mechanism is exploited by Calvin?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Iluminada at Feb 08, 2024, 01:07 AM

Limited Time Offer

25%

Off

Get Premium 312-50v11 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gianna
5 months ago
I think it's Password reset mechanism that Calvin is exploiting, as he might be using the usernames to reset passwords.
upvoted 0 times
...
Sommer
6 months ago
User impersonation allows a hacker to pretend to be someone else, so that could be a possibility too.
upvoted 0 times
...
Quiana
6 months ago
But could it also be User impersonation that Calvin is exploiting in this scenario?
upvoted 0 times
...
Cherrie
6 months ago
I agree with Sommer, revealing which field is incorrect can help Calvin with social engineering.
upvoted 0 times
...
Sommer
6 months ago
I think Calvin is exploiting the Verbose failure messages.
upvoted 0 times
...

Save Cancel