nerdexam
(ISC)2

CERTIFIED-IN-CYBERSECURITY · Question #46

Which of the following attacks take advantage of poor input validation in websites?

The correct answer is C. Cross-Site Scripting. Cross-Site Scripting (XSS) is a type of attack where malicious executable scripts are injected into the code of an otherwise benign website (or web application). Websites are vulnerable to XSS when they display data originating from requests or forms without validating it (and fu

Security Principles

Question

Which of the following attacks take advantage of poor input validation in websites?

Options

  • APhishing
  • BTrojans
  • CCross-Site Scripting
  • DRootkits

How the community answered

(54 responses)
  • A
    2% (1)
  • B
    7% (4)
  • C
    87% (47)
  • D
    4% (2)

Explanation

Cross-Site Scripting (XSS) is a type of attack where malicious executable scripts are injected into the code of an otherwise benign website (or web application). Websites are vulnerable to XSS when they display data originating from requests or forms without validating it (and further sanitizing it, so that it is not executable). Trojans and phishing are attacks where software applications and messages try to appear legitimate but have hidden malicious functions, not necessarily relying on poor input validations. Finally, input validation does not even apply to a

Topics

#Web Security#Input Validation#Cross-Site Scripting#Web Application Attacks

Community Discussion

No community discussion yet for this question.

Full CERTIFIED-IN-CYBERSECURITY Practice