Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 648

What are two examples of code injection vulnerabilities? (Choose two.)

Answer options

• A. XML external entity injection
• B. cross-site scripting
• C. session hijacking
• D. SQL injection
• E. arbitrary command injection

Correct answer: B, D

Explanation

The correct answers are B and D because cross-site scripting and SQL injection are both recognized forms of code injection vulnerabilities that can be exploited by attackers. Options A, C, and E, while related to security threats, do not specifically fall under the category of code injection vulnerabilities.