CompTIA Security+ (SY0-501) — Question 875

Which of the following techniques can be bypass a user or computer's web browser privacy settings? (Choose two.)

Answer options

• A. SQL injection
• B. Session hijacking
• C. Cross-site scripting
• D. Locally shared objects
• E. LDAP injection

Correct answer: B, C

Explanation

Session hijacking allows an attacker to take control of a user's session, bypassing privacy settings. Cross-site scripting enables malicious scripts to be executed in a user's browser, which can also evade such settings. SQL injection and LDAP injection are more focused on database manipulation and do not directly affect browser privacy controls.