Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 466

Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim's web browser executes the code?

Answer options

• A. cross-site scripting
• B. browser WGET
• C. buffer overflow
• D. SQL injection

Correct answer: A

Explanation

The correct answer is A, cross-site scripting, as it specifically involves injecting malicious scripts into web pages viewed by users. Options B, C, and D refer to different types of vulnerabilities or methods that do not involve delivering code through a web application to execute in the user's browser.