CompTIA Security+ (SY0-601) — Question 5

A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
<a href="https://www.company.com/payto.do?routing=00001111&acct=22223334&amount=250">Click here to unsubscribe</a>
Which of the following will the forensics investigator MOST likely determine has occurred?

Answer options

Correct answer: D

Explanation

The correct answer is D, XSRF (Cross-Site Request Forgery): the emailed link is labeled as an unsubscribe link but actually points to the company site's payto.do page with routing, account and amount parameters, so clicking it tricks the user into executing an unwanted action, here a payment, on a different site. The other options are incorrect because SQL injection pertains to database manipulation, broken authentication relates to issues in user verification, and XSS (Cross-Site Scripting) involves injecting malicious scripts into web pages, which does not fit this scenario.