Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server.
Why do you think this is possible?
A . It works because encryption is performed at the application layer (single encryption key)
B . The scenario is invalid as a secure cookie cannot be replayed
C . It works because encryption is performed at the network layer (layer 1 encryption)
D . Any cookie can be replayed irrespective of the session status
Answer: A
Latest CEH-001 Dumps Valid Version with 878 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund