
      Question

      Which of the following is a characteristic of Cross-Site Request Forgery (CSRF) attacks?

      A. It relies on browser vulnerabilities to steal session cookies.
      B. It requires the victim to be authenticated on the target site.
      C. It exploits input fields to execute unauthorized SQL commands.
      D. It floods servers with malicious traffic to cause downtime.
      E. It injects malicious scripts into user input fields.

      Solution

      Cross-Site Request Forgery (CSRF) exploits the trust a website has in a user’s browser. An attacker tricks an authenticated user into performing unintended actions, such as transferring money or changing account details, without their consent. For instance, a malicious email link might force a logged-in bank user to transfer money to the attacker’s account.

      1. Key Condition: The victim must be logged in, as CSRF exploits authenticated sessions.
      2. Impact: CSRF can lead to unauthorized transactions, changes in user settings, and other unintended operations.
      3. Prevention: Developers can use anti-CSRF tokens, verify the HTTP Referer header, and require user re-authentication for sensitive actions.

      Why Other Options Are Incorrect:
      • Browser vulnerabilities: CSRF exploits user actions and session trust, not browser vulnerabilities.
      • SQL commands: This describes SQL Injection, not CSRF.
      • Flooding servers: This characterizes DDoS attacks, unrelated to session misuse.
      • Script injection: Script injection is XSS, not CSRF.
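
The prevention point above (anti-CSRF tokens plus a Referer check) can be sketched server-side as follows. This is an added example, not part of the original solution; the origin `https://bank.example`, the form field `csrf_token`, the `Origin` header check and all function names are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Constructed values: a real service loads the key from its secret store.
SERVER_KEY = secrets.token_bytes(32)
TRUSTED_ORIGIN = "https://bank.example"  # hypothetical site origin

def _mac(session_id: str, nonce: str) -> str:
    return hmac.new(SERVER_KEY, f"{session_id}|{nonce}".encode(), hashlib.sha256).hexdigest()

def issue_csrf_token(session_id: str) -> str:
    """Token bound to one session: random nonce plus HMAC over session id and nonce."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"

def token_is_valid(session_id: str, token: str | None) -> bool:
    """A forged cross-site request carries the cookie but cannot supply this token."""
    if not token or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())

def source_is_trusted(headers: dict[str, str]) -> bool:
    """Exact origin match on Origin, else Referer; a missing header is rejected."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN

def allow_state_change(session_id: str, headers: dict[str, str], form: dict[str, str]) -> bool:
    """Both checks must pass before a transfer or settings change is processed."""
    return source_is_trusted(headers) and token_is_valid(session_id, form.get("csrf_token"))

if __name__ == "__main__":
    sid = "session-A"  # constructed session identifier
    token = issue_csrf_token(sid)
    same_site = {"Referer": "https://bank.example/transfer"}
    print("legitimate form post:", allow_state_change(sid, same_site, {"csrf_token": token}))
    print("request without token:", allow_state_change(sid, same_site, {}))
```

Comparing the full origin rather than a string prefix matters: a Referer such as `https://bank.example.evil.test/` starts with the trusted name but is a different host.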
