CompTIA CySA+ (CS0-002) — Question 382
According to a static analysis report for a web application, a dynamic code evaluation script injection vulnerability was found. Which of the following actions is the BEST option to fix the vulnerability in the source code?
Answer options
- A. Delete the vulnerable section of the code immediately.
- B. Create a custom rule on the web application firewall.
- C. Validate user input before execution and interpretation.
- D. Use parameterized queries.
Correct answer: C
Explanation
The correct answer is C because validating user input is crucial in mitigating injection vulnerabilities: it ensures that only safe and expected data is processed before the application executes or interprets it. Option A is not a sustainable solution, as it may not address the underlying issue. Option B might help in monitoring but does not fix the code. Option D, while a good practice against SQL injection, does not directly address dynamic code evaluation vulnerabilities.