CompTIA Security+ (SY0-501) — Question 577
A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
<a href="https://www.company.com/payto.do?routing=00001111&acct=22223334&amount=250">Click here to unsubscribe</a>
Which of the following will the forensics investigator MOST likely determine has occurred?
Answer options
- A. SQL injection
- B. CSRF
- C. XSS
- D. XSRF
Correct answer: B
Explanation
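The correct answer is B, CSRF (Cross-Site Request Forgery), which occurs when unauthorized commands are transmitted from a user that the website trusts. Here, the link labeled "Click here to unsubscribe" actually points to the company's payto.do page with the routing number, account, and amount already filled in, so clicking it sends a payment request from the user's own browser. The unusual log entries and the phishing email suggest that the users were tricked into performing actions without their consent. The other options, while relevant in web security, do not specifically pertain to the scenario described.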