The session ID is the item that uniquely distinguishes users. To thwart attackers, session IDs should be managed with the use of cookies. Please select the correct statement regarding the use of cookies for session management:
You can restrict cookies to a particular site or even a section of a site (using the path attribute of the cookie), or set them to expire automatically.
Cookies are generally more difficult to modify than hidden fields or CGI parameters.
You can protect them by using mechanisms like setting the secure flag (so they cannot be "sniffed" unencrypted on the network).
All choices are accurate about cookies for session management.
All choices are true.
Reference: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, Mike Andrews and James A. Whittaker
Removed answer "Cookies are generally more difficult to modify than hidden fields or CGI parameters." because they are, in reality, very easy to modify.