Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-39 All Questions

View all questions & answers for the 312-39 exam
Go to Exam

Exam 312-39 topic 1 question 52 discussion

Actual exam question from ECCouncil's 312-39
Question #: 52
Topic #: 1
[All 312-39 Questions]

An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company’s URL as follows: http://technosoft.com.com/<script>alert("WARNING: The application has encountered an error");</script>.
Identify the attack demonstrated in the above scenario.

  • A. Cross-site Scripting Attack
  • B. SQL Injection Attack
  • C. Denial-of-Service Attack
  • D. Session Attack
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by SchFiftySchFive at March 4, 2023, 7:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Ruso_1985
2 weeks ago
The answer is A. Pag 116
upvoted 1 times
...
sis_net_sec
1 year, 5 months ago
Selected Answer: A
In this attack, an attacker injects malicious code (in this case, a script that displays an alert) into a vulnerable web application
upvoted 1 times
...
bandarfjb
1 year, 7 months ago
The scenario described in the question demonstrates a Cross-site Scripting (XSS) attack. In this attack, an attacker injects malicious code (in this case, a script that displays an alert) into a vulnerable web application, typically by exploiting input validation or output encoding weaknesses.
upvoted 1 times
...
SchFiftySchFive
1 year, 8 months ago
I believe the correct answer is A. Cross Site Scripting attack. In the example, the attacker is injecting javascript into the URL to create a pop-up warning. In a session attack, the attacker sniffs or otherwise acquires a legit session ID and uses it to gain access to a server, which is not mentioned here. Examples of both are on the OWASP website at the following link. https://owasp.org/www-community/attacks/Session_hijacking_attack
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel