An online newspaper suffered a data breach. The attackers exploited a vulnerability in the login form of their website. The attackers were able to access the newspaper’s user database, which did not encrypt personally identifiable information (PII).What attack vectors did the malicious hackers use to steal user information? Select two answers.1 pointThe user databaseThe unencrypted PIIThe newspaper’s websiteThe online login form
Question
An online newspaper suffered a data breach. The attackers exploited a vulnerability in the login form of their website. The attackers were able to access the newspaper’s user database, which did not encrypt personally identifiable information (PII).What attack vectors did the malicious hackers use to steal user information? Select two answers.1 pointThe user databaseThe unencrypted PIIThe newspaper’s websiteThe online login form
Solution
The attackers used two main attack vectors to steal user information:
-
The newspaper’s website: The attackers exploited a vulnerability in the website, specifically in the login form. This allowed them to gain unauthorized access to the site.
-
The unencrypted PII: Once inside the system, the attackers were able to access the user database. The fact that the PII was not encrypted made it easy for the attackers to steal this information.
Similar Questions
6.Question 6Security researchers inserted malicious code into the web-applications of various organizations. This allowed them to obtain the personally identifiable information (PII) of various users across multiple databases.What type of attack did the researchers perform?1 pointInjectionInput sanitizationSocial engineeringRansomware
Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers. The infiltration by hackers was attributed to which type of vulnerability?exploitation of an unpatched security vulnerabilityaccess by using a third-party vendor's passworda phishing scheme that captured a database administrator's passwordan intranet-accessed contractor's system that was compromised
Your organization's website has been hacked, and customer data has been compromised. The attacker gained unauthorized access by exploiting a vulnerability in the website's code. Which type of hacker is most likely responsible for this incident?1.0 MarksBlack hat hackerGrey hat hackerState-sponsored hackerScript kiddieWhite hat hacker
Which of the following data breach scenarios is caused by a malicious insider?Group of answer choicesAn employee leaks sensitive company information to the media for personal gainA hacker gains access to the company's systems using a social engineering attackA customer's login credentials are exposed due to an unsecured Wi-Fi connectionA former employee accidentally shares confidential company information on social media
What did the attacker use to exploit the e-commerce web application vulnerability?1 分User errorData breachWeb server logsForced browsing
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.