A company runs a website that allows public posts. Recently, some users report that when visiting the website, pop-ups appear asking the users for their credentials.
Which of the following is the most likely cause of this issue?
The correct answer is: D. XSS (Cross-Site Scripting)
Explanation:
• XSS (Cross-Site Scripting) occurs when an attacker injects malicious scripts into web pages that are then executed by other users’ browsers. This often happens on websites that allow user-generated content, like public posts, without proper input sanitization.
• In this case, the pop-ups asking for credentials are a classic symptom of an XSS attack, where the attacker injects JavaScript code to steal credentials via fake login prompts.
Why not the others?
• A. Rootkit – A type of malware that hides on a system, not related to website pop-ups.
• B. SQL injection – Targets backend databases and usually results in data leaks or authentication bypass, not front-end pop-ups.
• C. CSRF (Cross-Site Request Forgery) – Tricks users into making unwanted requests, but does not directly cause pop-ups asking for credentials.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CS0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Justheretolook
1 month ago