For a penetration test engagement, a security engineer decides to impersonate the IT help desk. The security engineer sends a phishing email containing an urgent request for users to change their passwords and a link to https://example.com/index.html. The engineer has designed the attack so that once the users enter the credentials, the index.html page takes the credentials and then forwards them to another server that the security engineer is controlling. Given the following information:Which of the following lines of code should the security engineer add to make the attack successful? A. window.location.= 'https://evilcorp.com' B. crossDomain: true C. geturlparameter ('username') D. redirectUrl = 'https://example.com' Â Suggested Answer: B Community Answer: B This question is in PT0-002 CompTIA PenTest+ Exam For getting CompTIA PenTest+ Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by CompTIA. Trademarks, certification & product names are used for reference only and belong to CompTIA. The website does not contain actual questions and answers from CompTIA's Certification Exams.
Please login or Register to submit your answer