Free CompTIA PenTest+ PT0-002 Practice Question

A penetration tester is evaluating a website to determine if it is vulnerable to cross-site scripting attacks. During their assessment, they find that the website allows users to post comments which are then viewable by other visitors without any input sanitization. Which type of payload would be MOST effective for establishing a persistent cross-site scripting attack?

  • Script inclusion that stores malicious code in the website’s database

  • Local JavaScript file inclusion that would execute the payload from the user's device

  • URL manipulation to reflect malicious code execution only once

  • Self-executing script that activates once but requires a page refresh to execute again

This question's topic: CompTIA PenTest+ PT0-002 / Attacks and Exploits