

GIAC Management GSLC Question # 139 Topic 14 Discussion


John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net --
= - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv

John recognizes the /cgi-bin/printenv vulnerability ('Printenv' vulnerability) on the We-are-secure server. Which of the following statements about the 'Printenv' vulnerability are true?

Each correct answer represents a complete solution. Choose all that apply.


A. The countermeasure to 'printenv' vulnerability is to remove the CGI script.

B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.

C. This vulnerability helps in a cross site scripting attack.

D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

