The URL may appear like this: https://www.xsecurity-bank.com/creditcard.asp?

seenagapeOctober 14, 2015

The GET method should never be used when sensitive data such as credit card is being sent to a
CGI program. This is because any GET command will appear in the URL, and will be logged by
any servers. For example, let’s say that you’ve entered your credit card information into a form that
uses the GET method. The URL may appear like this:
https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234
The GET method appends the credit card number to the URL. This means that anyone with
access to a server log will be able to obtain this information. How would you protect from this type
of attack?

A.
Never include sensitive information in a script

B.
Use HTTPS SSLv3 to send the data instead of plain HTTPS

C.
Replace the GET with POST method when sending data

D.
Encrypt the data before you send using GET method

Explanation:

One Comment on “The URL may appear like this: https://www.xsecurity-bank.com/creditcard.asp?”

Ghost Man says:

April 24, 2016 at 5:30 pm

B is the correct Ans.

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

The URL may appear like this: https://www.xsecurity-bank.com/creditcard.asp?

One Comment on “The URL may appear like this: https://www.xsecurity-bank.com/creditcard.asp?”

Leave a Reply Cancel reply