CISSP · Question #936
From a security perspective, which of the following assumptions MUST be made about input to an application?
The correct answer is D. It is untrusted. From a security perspective, input to an application must always be considered untrusted. This assumption is crucial because malicious actors can attempt to manipulate or craft input in ways that exploit vulnerabilities in the application. Treating all input as untrusted helps to
Question
From a security perspective, which of the following assumptions MUST be made about input to an application?
Options
- AIt is tested
- BIt is logged
- CIt is verified
- DIt is untrusted
How the community answered
(58 responses)- A2% (1)
- B7% (4)
- C2% (1)
- D90% (52)
Explanation
From a security perspective, input to an application must always be considered untrusted. This assumption is crucial because malicious actors can attempt to manipulate or craft input in ways that exploit vulnerabilities in the application. Treating all input as untrusted helps to ensure that proper security controls-such as input validation, sanitization, and verification-are in place to prevent attacks like SQL injection, cross-site scripting (XSS), buffer overflows, or other forms of input-based exploitation.
Topics
Community Discussion
No community discussion yet for this question.