CompTIA A+ Core 2 (220-1102) — Question 503
Which of the following attacks can a hacker use to execute code on a user's computer when the user visits a specially prepared, malicious website?
Answer options
- A. DoS
- B. Spoofing
- C. XSS
- D. SQL injection
Correct answer: C
Explanation
Cross-Site Scripting (XSS) is the correct answer because it allows attackers to inject malicious scripts into webpages viewed by users. DoS (Denial of Service) aims to overwhelm services, spoofing involves impersonation, and SQL injection targets databases, none of which directly execute code on a user's computer through a browser in the way XSS does.