Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the
following HTTP request:
POST /login.aspx HTTP/1.1
Host: comptia.org
Content-type: text/html
txtUsername=ann&txtPassword=ann&alreadyLoggedIn=false&submit=true
Which of the following should Ann perform to test whether the website is susceptible to a simple authentication
bypass?
A.
Remove all of the post data and change the request to /login.aspx from POST to GET
B.
Attempt to brute force all usernames and passwords using a password cracker
C.
Remove the txtPassword post data and change alreadyLoggedIn from false to true
D.
Remove the txtUsername and txtPassword post data and toggle submit from true to false