Web Page Vulnerability Identification Quiz

Questions and Answers

You conduct an investigation and finds out that the browser of one of your employees sent malicious requests that the employee knew nothing about. Identify the web page vulnerability that the attacker used when the attack to your employee?

Command Injection Attacks

Hidden Field Manipulation Attack

Cross-Site Request Forgery (CSRF) (Corred) (correct)

File Inclusion Attack

Study Notes

Web Page Vulnerability Exploitation

• An employee's browser sent malicious requests without their knowledge, indicating a potential web page vulnerability exploitation.
• The attacker likely exploited a vulnerability in a web page visited by the employee, allowing unauthorized malicious activity.
• Possible vulnerabilities exploited by the attacker may include Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), or Clickjacking.
• The attacker may have injected malicious scripts or code into a legitimate web page, allowing them to execute unauthorized actions on the employee's browser.
• The investigation should focus on identifying the specific vulnerability exploited and the web page involved to prevent future attacks.

Description

Test your knowledge of web page vulnerabilities by identifying the specific type of attack used against an employee's browser. Choose the correct option to demonstrate your understanding of web security.