Register
14:59
Stop
CEH - Hacking Web Applications - Analyze Web Applications
Advanced
1/15
During your security assessment of an e-commerce website, you notice it uses a REST API that returns customer order data. When you modify the API request URL from `/api/orders/123` to `/api/orders/124`, you can access another customer's order details. Which testing technique should you apply next to thoroughly evaluate this issue?
a.
Forced browsing through all possible numerical combinations in the order parameter range
b.
Cross-site scripting injections targeting the API response headers
c.
SQL injection tests using UNION statements to extract additional database tables and user information
d.
Parameter tampering across multiple data types and endpoints
Advanced