Are you studying for the CEH or CISSP certifications?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
New system attack methods are developed each day, often modifying code or replacing programs. Which of these attacks would correctly identify a scenario where an attacker tricks a victim into clicking a link the user would normally not approve which allows the attacker to perform an undesired function on the victim's behalf?
Injection attack
Cross-site request forgery
Escalation of privilege
Cross-site scripting attack
A cross-site scripting attack lets an attacker bypass security mechanisms in websites. Escalation of privilege is an attack where an attacker accesses a system in attempt to gain a higher level of privilege. An injection attack is where an attacker inserts computer instructions into a computers input fields. Cross-site request forgery attacks involve tricking a user into authorizing some action (using their stored cookies) on a separate site, which they would normally not do. EDIT: CSRF vs XSS is ambiguous in the context of the question. The first sentence is also hinting towards XSS, which makes me think XSS is the "more right" answer.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.