Question: How can an attacker use CSRF to manipulate a user's account settings and extract sensitive information?

Answer:

An attacker can use CSRF to manipulate a user's account settings and extract sensitive information by tricking the user into submitting a form that alters their account settings.

MCQ: How can an attacker use CSRF to manipulate a user's account settings and extract sensitive information?

A. By directly accessing the web application's server.
B. CSRF attacks cannot manipulate account settings or extract sensitive information.
C. By tricking the user into submitting a form that alters their account settings and reveals sensitive information.
D. By injecting malicious scripts into the web application's source code.

Correct Answer: A. By directly accessing the web application's server.

Explanation:

An attacker can use CSRF to manipulate a user's account settings and extract sensitive information by tricking the user into submitting a form that alters their account settings.