CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is conducting an assessment against a web application and has observed that session tokens are not rotated after login. Which type of attack could the penetration tester employ to take advantage of this vulnerability?

  • Session replay

  • Cross-site scripting (XSS)

  • Cross-site request forgery (CSRF)

  • Session fixation

This question is for objective:
Attacks and Exploits
Your Score:
Attacks and Exploits
Information Gathering and Vulnerability Scanning
Reporting and Communication
Tools and Code Analysis
Planning and Scoping