Certified Cloud Security Professional (CCSP) — Question 348
Many different common threats exist against web-exposed services and applications. One attack involves attempting to leverage input fields to execute queries in a nested fashion that is unintended by the developers.
What type of attack is this?
Answer options
- A. Injection
- B. Missing function-level access control
- C. Cross-site scripting
- D. Cross-site request forgery
Correct answer: A
Explanation
The correct answer is Injection, which refers to attacks that involve inserting malicious code into a query through input fields. The other options, such as Missing function-level access control, Cross-site scripting, and Cross-site request forgery, describe different types of vulnerabilities and attacks that do not involve the manipulation of input fields to execute unintended queries.