Computer Hacking Forensic Investigator (CHFI v10) — Question 283

When investigating a system, the forensics analyst discovers that malicious scripts were injected into benign and trusted websites. The attacker used a web application to send malicious code, in the form of a browser side script, to a different end-user. What attack was performed here?

Answer options

• A. SQL injection attack
• B. Cookie poisoning attack
• C. Cross-site scripting attack
• D. Brute-force attack

Correct answer: C

Explanation

The correct answer is C, Cross-site scripting attack, as this type of attack involves injecting malicious scripts into trusted websites to execute code in the user's browser. Options A and B refer to different types of attacks that do not involve browser-side script injection, while D, Brute-force attack, pertains to password cracking rather than script injection.