CompTIA CySA+ (CS0-002) — Question 101
A code review reveals a web application is using time-based cookies for session management. This is a security concern because time-based cookies are easy to:
Answer options
- A. parameterize
- B. decode
- C. guess
- D. decrypt
Correct answer: C
Explanation
The correct answer is C because time-based cookies can be predicted based on their expiration times, making them vulnerable to session hijacking. Options A, B, and D do not accurately describe the primary weakness of time-based cookies, as they are not primarily susceptible to parameterization, decoding, or decryption in the same way.