Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security+ > Cross-Site Scripting 2.3 > Flashcards

Cross-Site Scripting 2.3 Flashcards

1
Q

[…], otherwise known as XSS, occurs when an attacker sends a victim a link to a legitimate website that contains a malicious script embedded in the URL, which is executed when clicked on.

The malicious script then sends the victims data to the attacker (session cookies, credentials, etc)

A

Cross-Site Scripting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A […] XSS attack allows scripts to be run in user input

Affects only users who click on the link

Ex:
Search Box

A

Non-persistent (Reflected)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A […] attack involves the attacker posting the malicious link to a social media platforms server, which means everyone gets the payload now.

Affects everyone who visits the website

A

Persistent XSS
(Stored)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

To protect yourself against XSS attacks, you should:
-[…]
-[…]
-[…]
-[…]

A
  • Be careful when clicking untrusted links
  • Consider disabling JavaScript, or limit its capabilities
  • Keep browser and applications updated
  • Validate input (Don’t allow users to add their own scripts to input fields)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security+ (67 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions