Consider the following scenario: You are building a web application that uses PHP sessions to maintain state
Question:
Consider the following scenario:
You are building a web application that uses PHP sessions to maintain state across HTTP requests. You want to implement a secure session handling mechanism that is resistant to attacks such as session hijacking and session fixation.
Which of the following statements is true about PHP session handling?
A) PHP uses a secure random number generator to generate session IDs.
B) PHP uses a secure hash function to protect session data from tampering.
C) PHP automatically regenerates session IDs on login to prevent session fixation attacks.
D) PHP encrypts session data using a secure encryption algorithm before storing it on the server.
Note: You can assume that the server running the PHP application is properly configured with the necessary security measures, such as HTTPS and secure session cookie flags.
Statistics For Business And Economics
ISBN: 9780321826237
12th Edition
Authors: James T. McClave, P. George Benson, Terry T Sincich