CompTIA CySA+ (CS0-003) — Question 148

After reviewing the final report for a penetration test, a cybersecurity analyst prioritizes the remediation for input validation vulnerabilities. Which of the following attacks is the analyst seeking to prevent?

Answer options

• A. DNS poisoning
• B. Pharming
• C. Phishing
• D. Cross-site scripting

Correct answer: D

Explanation

The correct answer is D, Cross-site scripting, as it directly exploits input validation weaknesses to execute malicious scripts in the user's browser. The other options, while serious attacks, are not primarily related to input validation vulnerabilities.