A scenario where an attacker poisons a shared cache by returning malicious content for a targeted URL.

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

A scenario where an attacker poisons a shared cache by returning malicious content for a targeted URL.

Explanation:
Web cache poisoning is when an attacker causes a shared cache to store malicious content under a legitimate URL, so subsequent users receive that harmful content from the cache rather than the original server response. Caches are designed to speed up delivery by reusing stored responses, so if the cache keys a malicious payload to a specific URL, any future request for that URL pulls the poisoned content from the cache, affecting multiple users. The attacker typically manipulates the request or response in a way that convinces the cache to store the bad content for that URL, exploiting how the cache keys and stores responses. HTTP Response Splitting involves injecting malformed headers to create multiple responses or redirect users, which can cause cache or client-side issues in some cases, but the scenario described focuses on poisoning a shared cache for a targeted URL, which is the defining behavior of a Web Cache Poisoning Attack. Directory Traversal Attacks aim to access files outside the web root and aren’t about cache poisoning. Web Server Misconfiguration is a broad category and doesn’t specifically describe manipulating a shared cache for a particular URL.

Web cache poisoning is when an attacker causes a shared cache to store malicious content under a legitimate URL, so subsequent users receive that harmful content from the cache rather than the original server response. Caches are designed to speed up delivery by reusing stored responses, so if the cache keys a malicious payload to a specific URL, any future request for that URL pulls the poisoned content from the cache, affecting multiple users. The attacker typically manipulates the request or response in a way that convinces the cache to store the bad content for that URL, exploiting how the cache keys and stores responses.

HTTP Response Splitting involves injecting malformed headers to create multiple responses or redirect users, which can cause cache or client-side issues in some cases, but the scenario described focuses on poisoning a shared cache for a targeted URL, which is the defining behavior of a Web Cache Poisoning Attack. Directory Traversal Attacks aim to access files outside the web root and aren’t about cache poisoning. Web Server Misconfiguration is a broad category and doesn’t specifically describe manipulating a shared cache for a particular URL.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy