A threat analyst notices the following URL while going through the HTTP logs.
Which of the following attack types is the threat analyst seeing?
A . SQL injection
B . CSRF
C . Session hijacking
D . XSS
Answer: D
Explanation:
XSS stands for cross-site scripting, which is a type of attack that injects malicious code into a web page that is then executed by the browser of a victim. The URL in the question contains a script tag that tries to execute a JavaScript code from an external source, which is a sign of XSS.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/xss/
Latest CAS-004 Dumps Valid Version with 128 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund