Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Choose all options that apply : What kind of attack can be used to directly circumvent access control in a Web application?
SQL injection
XSS
Social engineering
Using a hub, commenting access controls performed on the client side
SQL injection and XSS can be used to DIRECTLY circumvent access controls in a web app. Social engineering is efficient in that case but is not direct (first "ask" for passwords, then use them in a second step); a (software) proxy would be efficient to comment code on the client side, but a hub is useless.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.