Which attack uses a trusted site's cookie to forge a request from the victim's browser?

Enhance your knowledge as a Computer Hacking Forensic Investigator with the CHFI v11 Test. Use flashcards and multiple-choice questions, complete with hints and detailed explanations, to prepare effectively and ace your exam!

Multiple Choice

Which attack uses a trusted site's cookie to forge a request from the victim's browser?

Explanation:

Cross-Site Request Forgery (CSRF) leverages the trust a web application has in the user's browser by using the user's own session cookie to trigger actions on the target site without the user’s explicit intent. When a user is logged in, the browser automatically includes the site’s cookies with requests. If the user visits a malicious page or is lured to load content that makes a request to the trusted site, the browser will send the authenticated cookie along, making the site believe the user initiated the action. This can cause unintended state-changing requests, such as transferring funds or changing account details, all performed under the authenticated session.

This differs from Web Application DoS, which targets availability and tries to overwhelm a service rather than causing authenticated actions. It also differs from XSS, which injects malicious script into a trusted site to steal data or perform actions in the user's browser; CSRF specifically exploits the browser's automatic cookie inclusion to forge requests. Hidden Field Manipulation involves altering form data submitted to the server, not exploiting the browser's session cookies to forge actions on behalf of the user.

Mitigations include anti-CSRF tokens that must be present and verified with state-changing requests, SameSite cookie attributes to restrict how cookies are sent with cross-site requests, validating Origin or Referer headers, and requiring re-authentication or explicit user interaction for sensitive actions.
