ISC Exam Questions

Sam is a software developer and has recently gone through secure software development courses. When reviewing his programming code, he sees that his software splits authentication and authorization steps. Why would this be a concern?

A. A buffer overflow can cause authorization before identification steps

B. Processing sequencing can be manipulated

C. HTTP splitting can take place

D. Browser injection can take place

Explanation:
In software, when the authentication and authorization steps are split into two functions, there is a possibility an attacker could use a race condition to force the authorization step to be completed before the authentication step. It is important that the processes carry out their functionality in the correct sequence. If process 2 carried out its task on the data before process 1, the result will be much different than if process 1 carried out its tasks on the data before process 2. This would give someone access BEFORE realizing that they are not the legitimate user.