ISC Exam Questions

Which of the following has an incorrect attack to definition mapping below?

Which of the following has an incorrect attack to definition mapping below?

Non-persistent XSS attack Improper sanitation of response from a web client

Persistent XSS attack Data provided by attackers are save on the server

DOM based XSS attack tent processing stages performed by the client,typically in client-side JavaScript

EBJ XSS tent processing stages performed by the client, typically inclient-side Java

The non-persistent cross-site scripting vulnerability is when the data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, is used immediately by server-side scripts to generate a page of results for that user, without properly sanitizing the response.

The persistent XSS vulnerability occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping.

DOM-based vulnerabilities occur in the content processing stages performed by the client, typically in client-side JavaScript.