CompTIA CySA+ (CS0-003) — Question 120

An employee is no longer able to log in to an account after updating a browser. The employee usually has several tabs open in the browser. Which of the following attacks was most likely performed?

Answer options

• A. RFI
• B. LFI
• C. CSRF
• D. XSS

Correct answer: C

Explanation

The correct answer is CSRF (Cross-Site Request Forgery), which can exploit the authenticated session in the browser when multiple tabs are open. The other options, RFI (Remote File Inclusion), LFI (Local File Inclusion), and XSS (Cross-Site Scripting), do not directly relate to the scenario of an employee being unable to log in after a browser update.