| Exam Code/Number: | 412-79Join the discussion |
| Exam Name: | EC-Council Certified Security Analyst (ECSA) |
| Certification: | EC-COUNCIL |
| Question Number: | 205 |
| Publish Date: | Jun 01, 2026 |
|
Rating
100%
|
|
The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.
This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
What is the best way to protect web applications from parameter tampering attacks?
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
Which one of the following commands is used to search one of more files for a specific pattern and it helps in organizing the firewall log files?
Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.
Depending on the packet and the criteria, the firewall can:
i)Drop the packet
ii)Forward it or send a message to the originator
At which level of the OSI model do the packet filtering firewalls work?
Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?
