CompTIA CySA+ (CS0-003) — Question 321

A company runs a website that allows public posts. Recently, some users report that when visiting the website, pop-ups appear asking the users for their credentials.

Which of the following is the most likely cause of this issue?

Answer options

• A. Rootkit
• B. SQL injection
• C. CSRF
• D. XSS

Correct answer: D

Explanation

The correct answer is D, XSS (Cross-Site Scripting), as it allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to credential theft through pop-ups. The other options, while they represent security threats, do not specifically cause pop-ups asking for user credentials in this context.