Certified Information Systems Security Professional – CISSP – Question 303

Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF)?

A. An attack which forces an end user to execute unwanted actions on a web application in which they are currently authenticated
B. An attack that injects a script into a web page to execute a privileged command
C. An attack that makes an illegal request across security zones and thereby forges itself into the security database of the system
D. An attack that forges a false Structured Query Language (SQL) command across systems

Correct Answer: A

Explanation: