Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer’s activity on the site. These tools are located on the servers of the marketing company.
What is the main security risk associated with this scenario?
A . External script contents could be maliciously modified without the security team knowledge
B . External scripts have direct access to the company servers and can steal the data from there
C . There is no risk at all as the marketing services are trustworthy
D . External scripts increase the outbound company data traffic which leads greater financial losses
Answer: A
Leave a Reply