CompTIA Security+ (SY0-601) — Question 412
A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following:
https://www.c0mpt1a.com/contact-us/%3Fname%3D%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E
Which of the following was most likely observed?
Answer options
- A. DLL injection
- B. Session replay
- C. SQLi
- D. XSS
Correct answer: D
Explanation
The correct answer is D, XSS (Cross-Site Scripting). The posted link carries a URL-encoded script tag in the `name` parameter: `%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E` decodes to `<script>alert(document.cookie)</script>`, which aims to execute JavaScript in the user's browser. The other options, DLL injection, session replay, and SQLi (SQL injection), do not match the attack described, which specifically involves executing a script in the context of the user's session.