Which of the following does NOT help to protect against session hijacking and fixation attacks?

Which of the following does NOT help to protect against session hijacking and fixation attacks?
A . Use SSL and set the $secure cookie parameter to true.
B . Set the session.use_only_cookies php.ini parameter to 1.
C . Set the session.cookie_lifetime php.ini parameter to
E . Protect against XSS vulnerabilities in the application.
F . Rotate the session id on successful login and logout using session_regenerate_id()

Answer: C

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments