ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 551 discussion

Actual exam question from CompTIA's SY0-601
Question #: 551
Topic #: 1
[All SY0-601 Questions]

A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following:

https://www.c0mpt1a.com/contact-us/%3Fname%3D%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E

Which of the following was most likely observed?

  • A. DLL injection
  • B. Session replay
  • C. SQLi
  • D. XSS
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by mtnews at July 15, 2023, 2:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sujon_london
Highly Voted 1 year, 7 months ago
Selected Answer: D
Segment by segment: URL Structure: The URL starts with "https://www.c0mpt1a.com/contact-us/," which is a typical URL structure for a website's contact page. This part appears normal. Query Parameter: Following the "/", there is a query parameter represented as "?name=". Query parameters in a URL are often used to pass data to a web application. Payload: After the "name=" query parameter, there is a URL-encoded string: "%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E". Let's decode and analyze this payload step by step: "%3C" represents "<" in URL encoding, and "%3E" represents ">". So, "%3Cscript%3E" is "<script>", and "%3C%2Fscript%3E" is "</script>" in HTML. Between the "<script>" and "</script>" tags, there is JavaScript code: "alert(document.cookie)".
upvoted 29 times
...
ApplebeesWaiter1122
Highly Voted 1 year, 9 months ago
Selected Answer: D
In this scenario, the malicious actor injected a script into the URL parameters of the website's contact-us page. When users click the link, the injected script will execute in their browsers, displaying an alert containing their cookies. This allows the attacker to potentially steal sensitive information or perform other malicious actions on the affected users' behalf. XSS attacks occur when web applications do not properly validate and sanitize user input, allowing malicious code to be executed on other users' browsers.
upvoted 6 times
...
je123
Most Recent 1 year, 8 months ago
Selected Answer: D
wait... if comptia is so precise in this question... leaving no ambiguity in the question that it is XSS... i am very suspicious of QN 541. now.. 541. A user's login credentials were recently compromised. During the investigation, the security analyst determined the user input credentials into a pop-up window when prompted to confirm the username and password. However, the trusted website does not use a pop-up for entering user credentials. Which of the following attacks occurred? A. Cross-site scripting B. SQL injection C. DNS poisoning D. Certificate forgery Maybe the answer for Q541 is DNS poisoning then..?
upvoted 4 times
Yomzie
1 year, 3 months ago
The answer to Question 541 is actually DNS Poisoning. The website that the user entered their credentials into, was not the original website; the original website does not use a pop-up window for validation. Hence, it is most-likely a DNS Poisoning that redirected the user to a similarly-looking, but fake website.
upvoted 1 times
...
rasadebayor
1 year, 5 months ago
I doubt it though. DNS poison usually involves redirection to a different website. If the redirection is directed to a website that carry out XSS is another debate.
upvoted 5 times
...
...
andresalcedo
1 year, 9 months ago
Letra D. O ataque demonstrado no URL fornecido é um exemplo clássico de XSS. A URL parece ser uma parte do site da empresa (https://www.c0mpt1a.com/contact-us/), mas o parâmetro "name" foi manipulado pelo ator mal-intencionado para incluir um código JavaScript malicioso: "<script>alert(document.cookie)</script>".
upvoted 3 times
...
mtnews
1 year, 9 months ago
Selected Answer: D
Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click it.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago