Which of the following is a common type of attack against web applications? MCQ with Answer and Explanation

Which of the following is a common type of attack against web applications?
A. Phishing
B. Man-in-the-middle
C. Cross-site scripting (XSS)
D. Denial-of-service
Answer: Option C
Solution (By JKExamLibrary)
Cross-site scripting (XSS) is a common attack that injects malicious scripts into web applications, exploiting vulnerabilities to steal data or hijack sessions.

This question belongs to: Computer Cyber Security

Discuss this Question (0)

No comments yet. Be the first to start the discussion!

Practice More Cyber Security Questions

Question #1 Report Error
Which of the following is a common type of cyber threat targeting financial institutions?
A. SQL injection
B. Ransomware
C. All of the above
D. Phishing

Correct Answer: Option C


Explanation:
Financial institutions are targeted by a variety of cyber threats, including ransomware, phishing, and SQL injection attacks, to steal funds or sensitive data.

This question belongs to: Computer Cyber Security
Question #2 Report Error
What administrative rule requires employees to lock their desks, secure printed papers, and password-protect their monitors whenever they step away from their desks?
A. Principle of Least Privilege
B. Clean Desk Policy
C. Stateful Boundary Policy
D. Zero Trust Validation Framework

Correct Answer: Option B


Explanation:
Clean desk policies mitigate insider threat options and corporate espionage risks by mandating that physical workspaces remain free of exposed sensitive records.

This question belongs to: Computer Cyber Security
Question #3 Report Error
Which antivirus analysis protocol checks for zero-day malware variants by scanning code layouts for suspicious instructions, rather than relying on established file hashes?
A. Static Signature Identification
B. Dynamic Cryptographic Hashing
C. Database Static Lookup
D. Heuristic / Behavioral Analysis

Correct Answer: Option D


Explanation:
Heuristic analysis checks software patterns and rules of behavior to detect unknown zero-day malware variants that lack established signature profiles.

This question belongs to: Computer Cyber Security