Free CompTIA Security Plus SY0-701 Actual Exam Questions - Question 8 Discussion

Thinking about it differently, cross-site scripting (A) usually targets web applications, so that seems unlikely for an RTOS unless it has a web interface, which isn’t typical. Replay attacks (C) rely on capturing and reusing valid data transmissions, so unless the RTOS is networked and uses unsecured protocols, that might not be straightforward either. Ransomware (D) seems more like a high-level threat for systems running full OSes rather than real-time ones focused on specific tasks. So, memory injection (B) still feels the most plausible because it targets the core memory where the RTOS ope

B vs C here, memory injection feels more direct for RTOS compromise than replay attacks.

Maybe D makes sense here because ransomware can lock down critical RTOS functions, especially in embedded systems with limited recovery options. It’s a direct way to compromise the system’s availability.

Option C could also work since replay attacks might exploit predictable communication in RTOS environments, especially if they handle networked control messages without strong authentication.

B imo, memory injection directly messes with system operation in RTOS.