Tokens, also known as session tokens, are susceptible to different types of attacks if not secured properly. Although tokens can be scoped, if token handling mechanisms are not implemented with strong security controls, such as proper encryption and validation measures, they can still be intercepted and misused by attackers. The correct answer reflects the understanding that without adequate security controls, even well-scoped tokens can be vulnerable to interception and unauthorized reuse.
Learn More
AI Generated Content may display inaccurate information, always double-check anything important.
What are the types of attacks that can target session tokens?
What security controls can be implemented to protect session tokens?