New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCIH Exam - Topic 8 Question 47 Discussion

Actual exam question for GIAC's GCIH exam
Question #: 47
Topic #: 8
[All GCIH Questions]

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Aileen at Nov 20, 2025, 09:25 AM

Limited Time Offer

25%

Off

Get Premium GCIH Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Loise
13 hours ago
Wait, can XSS really steal history? That's wild!
upvoted 0 times
...
Muriel
6 days ago
Definitely a persistent attack!
upvoted 0 times
...
Johana
11 days ago
D. Persistent XSS, because who doesn't love a good old-fashioned data breach?
upvoted 0 times
...
Carissa
16 days ago
Hmm, I'd say A. Non-persistent XSS is the classic choice for forum shenanigans.
upvoted 0 times
...
Mickie
21 days ago
B. DOM-based XSS is the most elegant way to hijack those accounts.
upvoted 0 times
...
Craig
26 days ago
Definitely D. Persistent XSS is the way to go for maximum damage.
upvoted 0 times
...
Eliz
1 month ago
I practiced a question similar to this, and I think persistent is the right answer because it involves stored data on the server.
upvoted 0 times
...
Clorinda
1 month ago
I feel like this could be a DOM-based attack too, but I need to double-check how that differs from persistent XSS.
upvoted 0 times
...
Almeta
1 month ago
I'm not entirely sure, but I remember something about non-persistent XSS being more about immediate execution without saving on the server.
upvoted 0 times
...
Cathrine
2 months ago
I think this might be a persistent XSS attack since the code stays on the website and affects multiple users over time.
upvoted 0 times
...
Alberta
2 months ago
Okay, I've got it now. The question is asking about the type of XSS attack, so the answer must be either persistent or DOM-based. I'll go with persistent since the hacker is submitting the code directly.
upvoted 0 times
...
Tuyet
2 months ago
Persistent XSS attacks store the malicious code on the server, so it gets executed every time the page is loaded. That sounds like what's happening here, with the hacker submitting the code to the forum.
upvoted 0 times
...
Jaleesa
2 months ago
Sounds like a persistent XSS attack to me.
upvoted 0 times
...
Alyce
3 months ago
I think it's non-persistent, right?
upvoted 0 times
...
Reiko
3 months ago
B. DOM-based XSS, the hacker's version of a mic drop.
upvoted 0 times
...
Nenita
3 months ago
I'm a bit confused on the difference between persistent and non-persistent XSS attacks. I'll need to review that part of the material before answering.
upvoted 0 times
...
Nathan
3 months ago
I think this is a DOM-based XSS attack, where the malicious code is injected into the website's Document Object Model and executed when the user visits the page.
upvoted 0 times
Hermila
2 months ago
Yeah, the code runs in the user's browser.
upvoted 0 times
...
Lisha
2 months ago
I believe it's a DOM-based XSS attack too.
upvoted 0 times
...
...

Save Cancel