Which of the following attack types is the threat analyst seeing?

CAS-004 V4 0 Comments

A threat analyst notices the following URL while going through the HTTP logs.

Which of the following attack types is the threat analyst seeing?
A . SQL injection
B . CSRF
C . Session hijacking
D . XSS

Answer: D

Explanation:

XSS stands for cross-site scripting, which is a type of attack that injects malicious code into a web page that is then executed by the browser of a victim. The URL in the question contains a script tag that tries to execute a JavaScript code from an external source, which is a sign of XSS.

Verified Reference:

https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/xss/

Latest CAS-004 Dumps Valid Version with 128 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CAS-004 PDF     CAS-004 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments