Certified Ethical Hacker (CEH v10) — Question 79

Cross-site request forgery involves:

Answer options

• A. A request sent by a malicious user from a browser to a server
• B. Modification of a request by a proxy between client and server
• C. A browser making a request to a server without the user's knowledge
• D. A server making a request to another server without the user's knowledge

Correct answer: C

Explanation

The correct answer is C because cross-site request forgery (CSRF) occurs when a browser sends a request to a server on behalf of a user without their consent. Option A describes a malicious request but does not capture the essence of CSRF, while B refers to proxy modifications which are not related to CSRF. Option D involves server-to-server communication, which is not the focus of CSRF attacks.