CompTIA Security+ (SY0-601) — Question 404

A user's login credentials were recently compromised. During the investigation, the security analyst determined the user input credentials into a pop-up window when prompted to confirm the username and password. However, the trusted website does not use a pop-up for entering user credentials. Which of the following attacks occurred?

Answer options

• A. Cross-site scripting
• B. SQL injection
• C. DNS poisoning
• D. Certificate forgery

Correct answer: A

Explanation

The correct answer is A, as the scenario describes a situation where a user was tricked into entering their credentials into a malicious pop-up, which is characteristic of a cross-site scripting attack. The other options do not fit this scenario; SQL injection involves manipulating database queries, DNS poisoning affects domain name resolution, and certificate forgery involves generating fake security certificates.