Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?
A.
Web Applications
B.
Intrusion Detection Systems
C.
Firewalls
D.
DNS Servers
Explanation:
Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker
injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management
on the web server, using firewalls, and auditing for suspicious activity.
Incorrect Answers:
B: Cross-site scripting (XSS) attacks target websites and web applications. It does not target Intrusion
Detection Systems (IDS).
C: Cross-site scripting (XSS) attacks target websites and web applications. It does not target firewalls.
B: Cross-site scripting (XSS) attacks target websites and web applications. It does not target DNS Servers.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 1164, 1168
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)