adplus-dvertising
frame-decoration

Question

A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

a.

Two-factor authentication

b.

Cross-site request forgery

c.

Cross-site scripting

d.

Cross-site scoring scripting

Answer: (c).Cross-site scripting

Engage with the Community - Add Your Comment

Confused About the Answer? Ask for Details Here.

Know the Explanation? Add it Here.

Q. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack...

Similar Questions

Discover Related MCQs

Q. In _________________ attacks, the attacker manages to get an application to execute an SQL query created by the attacker.

Q. Which of the following is a valid encryption technique?

Q. A log of all changes to the application data is called as __________

Q. What is the standard for exchanging authentication and authorization information between two different security domains?

Q. What are phishing attacks?

Q. What are man in the middle attacks?

Q. The system where two independent pieces of data are used to identify a user is called as ______

Q. State true or false: Password leakage is a major security problem

Q. The URL of the page that had the link that the user clicked to access the page is called as _____

Q. An attack on a website that stores and displays text to a user is known as ______ attack

Q. If an attacker manages to get an application to execute an SQL query created by the attacker, then such attacks are called as _________

Q. The information that gets transformed in encryption is ____________

Q. An algorithm in encryption is called _____________

Q. Security features that control that can access resources in the OS.

Q. CHAP stands for?

Q. A concern of authentication that deals with user rights.

Q. The process of verifying the identity of a user.

Q. Which of these is a part of network identification?

Q. Which is not an objective of network security?

Q. Network Security provides authentication and access control for resources.