While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.
What Web browser-based security vulnerability was exploited to compromise the user?
Clickjacking
Cross-Site Scripting
Cross-Site Request Forgery
Web form input validation
Correct answer: C
Question 2
Which service in a PKI will vouch for the identity of an individual or company?
KDC
CR
CBC
CA
Correct answer: D
Question 3
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.