Certified Ethical Hacker (CEHv9) Questions and answers
75. While using your bank's online servicing you notice the following string in the URL bar: "http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21" You observe that if you modify the Damount & Camount values and submit the request, the data on the web page reflects the changes. Which type of vulnerability is present on this site?
A. Web Parameter Tampering
B. XSS Reflection
C. SQL injection
D. Cookie Tampering
76. Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a Word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse's APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?