Developing Applications and Automating Workflows Using Cisco Platforms (DEVASC) — Question 178
Which OWASP threat takes advantage of a web application that the user has already authenticated to execute an attack?
Answer options
- A. phishing
- B. DoS
- C. brute force attack
- D. CSRF
Correct answer: D
Explanation
The correct answer is CSRF, which stands for Cross-Site Request Forgery, as it specifically targets authenticated users to perform unwanted actions on their behalf. Phishing, DoS, and brute force attacks do not rely on the user's authenticated session in the same way that CSRF does.