Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which of the following are possible attack vectors in Cross-Site Scripting? (Select all that apply.)
< img >
< meta >
< br >
< iframe >
< table >
< b >
< b > because of the event, for example, 'onmouseover' property (can call a script). < meta > because script call can be embedded in 'çontent' or 'url' property. < iframe > also has event property like < b >, as well as 'src' property (to encode a javascript action like 'álert'). < table > because of 'background' property. < img > has 'src' property.
< br > is just new line (for now).
Reference: www.owasp.org/index.php/XSSFilterEvasionCheatSheet
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.