CAS-001 · Question #285
CAS-001 Question #285: Real Exam Question with Answer & Explanation
The correct answer is D: XSS attack.
Question
Options
- A. Buffer overflow
- B. Clickjacking
- C. SQL injection
- D. XSS attack
Explanation
An XSS (Cross-Site Scripting) attack injects malicious JavaScript or HTML script tags into web application files or database-stored content that is served to users. When a security administrator reviews web server files (HTML templates, stored database content, cached pages), the injected script code is directly visible in the file content, which makes it detectable through file inspection. Buffer overflow (A) is detected by memory analysis or crash logs. Clickjacking (B) involves UI framing tricks and is not embedded in files in an obvious way. SQL injection (C) targets the database layer and is detected through query logs, not file content.