ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-001 All Questions

View all questions & answers for the CS0-001 exam
Go to Exam

Exam CS0-001 topic 1 question 317 discussion

Actual exam question from CompTIA's CS0-001
Question #: 317
Topic #: 1
[All CS0-001 Questions]

A cybersecurity analyst was asked to review several results of web vulnerability scan logs.
Given the following snippet of code:

Which of the following BEST describes the situation and recommendations to be made?

  • A. The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. The code should include the domain name. Recommend the entry be updated with the domain name.
  • B. The security analyst has discovered an embedded iframe that is hidden from users accessing the web page. This code is correct. This is a design preference, and no vulnerabilities are present.
  • C. The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. The link is hidden and suspicious. Recommend the entry be removed from the web page.
  • D. The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. Recommend making the iframe visible. Fixing the code will correct the issue.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by s3curity1 at June 1, 2020, 6:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ashfaq2
4 years, 6 months ago
Should be C http://blog.unmaskparasites.com/2009/10/28/evolution-of-hidden-iframes/
upvoted 1 times
...
LinYM
4 years, 8 months ago
Should be C. If 65.240.22.1 is malicious, it doesn't matter whether this iframe is visible or not. Simply visiting the web site will initiate a connection to the redirect site. Once the redirect is made, the exploit installs by leveraging a vulnerability in the user's browser or plug-in. Ref: https://www.techrepublic.com/blog/it-security/uncloaking-invisible-iframes/
upvoted 4 times
...
s3curity1
4 years, 11 months ago
I think this is C.
upvoted 3 times
TheThreatGuy
4 years, 11 months ago
Based on a google search of hidden iframes, all looks normal here. Looks like it was intended to be hidden. B is correct.
upvoted 1 times
s3curity1
4 years, 11 months ago
This can be a form of clickjacking where unknowing users are clicking on the hidden iframe. Since we're not sure this is legitimate, we should be on the side of caution.
upvoted 2 times
s3curity1
4 years, 11 months ago
The majority of malware identified by the Norton Secured Seal service will display in the "Malware requiring removal" section of the Malware tab in your Symantec Trust Center account. However, there are some instances when it may not be possible to display the specific location of the malware. This will require you to pay special attention to the identified Web pages and analyze them carefully. When analyzing your Web site for malware, pay attention to the following key identifiers: Any code that opens 3rd party URLs Uncommon or obscure JavaScript Iframes that are set to "hidden" with dimensions set to zero Iframes with a display status set to "none" Note: Inline Frames (iframes) are windows cut into your Web page that allow your visitor to view another page on your site or off your site without reloading the entire page. ref: https://knowledge.digicert.com/generalinformation/INFO1316.html
upvoted 6 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago