Certified Ethical Hacker (CEH v10) — Question 61

Code injection is a form of attack in which a malicious user:

Answer options

• A. Inserts text into a data field that gets interpreted as code
• B. Gets the server to execute arbitrary code using a buffer overflow
• C. Inserts additional code into the JavaScript running in the browser
• D. Gains access to the codebase on the server and inserts new code

Correct answer: A

Explanation

The correct answer is A because code injection specifically refers to the act of inserting text that is then processed as executable code. Options B, C, and D describe different types of attacks or scenarios that do not align with the definition of code injection.