Choose all options that apply : What kind of attack can be used to directly circumvent access control in a Web application? - Skillset

Are you studying for the Security+ certification?

Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.

Upgrade Account

Choose all options that apply : What kind of attack can be used to directly circumvent access control in a Web application?

SQL injection

XSS

Social engineering

Using a hub, commenting access controls performed on the client side

Explanation

SQL injection and XSS can be used to DIRECTLY circumvent access controls in a web app. Social engineering is efficient in that case but is not direct (first "ask" for passwords, then use them in a second step); a (software) proxy would be efficient to comment code on the client side, but a hub is useless.

M4-T09-Web Application Attacks and Countermeasures

Video Training

Train with Skillset and pass your certification exam. Faster. Guaranteed.

Sign Up Now!

Directory

Skillset helps you pass your certification exam.

Contributions and Interactions

Practice Questions

Study thousands of practice questions that organized by skills and ranked by difficulty.

Contributions and Interactions

Personalized Training

Create a tailored training plan based on the knowledge you already possess.

Training Video Selector

Exam Readiness

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Get A Free Skillset Account