Which of the following is a type of attack that uses malicious code to exploit vulnerabilities in web applications? MCQ with Answer and Explanation

Which of the following is a type of attack that uses malicious code to exploit vulnerabilities in web applications?
A. Man-in-the-middle
B. Denial-of-service
C. Phishing
D. Cross-site scripting (XSS)
Answer: Option D
Solution (By JKExamLibrary)
Cross-site scripting (XSS) is a type of attack where malicious scripts are injected into web applications, exploiting vulnerabilities to steal data or hijack sessions.

This question belongs to: Computer Cyber Security

Discuss this Question (0)

No comments yet. Be the first to start the discussion!

Practice More Cyber Security Questions

Question #1 Report Error
What is the role of encryption in protecting data?
A. To ensure data confidentiality and integrity
B. To delete data
C. To reduce data speed
D. To increase data size

Correct Answer: Option A


Explanation:
Encryption protects data confidentiality by making it unreadable to unauthorized parties and ensures integrity by detecting any unauthorized modifications to the data.

This question belongs to: Computer Cyber Security
Question #2 Report Error
Which of the following is a common technique used in phishing attacks?
A. Sending fraudulent emails that appear to come from legitimate sources
B. Installing a virus on a computer
C. Denial-of-service attack
D. Physically stealing hardware

Correct Answer: Option A


Explanation:
Phishing attacks often involve sending deceptive emails that look like they are from reputable companies to trick recipients into providing sensitive information.

This question belongs to: Computer Cyber Security
Question #3 Report Error
What type of software exploit injects malicious SQL scripts into database input entry boxes, allowing attackers to download entire customer record directories illegally?
A. Buffer Overflow Exploit
B. Cross-Site Scripting
C. Denial of Service Loop
D. SQL Injection

Correct Answer: Option D


Explanation:
SQL injection executes arbitrary database commands by inserting malicious SQL code statements into unvalidated input fields.

This question belongs to: Computer Cyber Security