Certified Information Systems Security Professional – CISSP – Question135

As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?

A. Known-plaintext attack
B. Denial of Service (DoS)
C. Cookie manipulation
D. Structured Query Language (SQL) injection

Correct Answer: D