Certified Secure Software Lifecycle Professional (CSSLP) — Question 33

Which of the following vulnerabilities occurs when an application directly uses or concatenates potentially hostile input with data file or stream functions?

Answer options

• A. Insecure cryptographic storage
• B. Malicious file execution
• C. Insecure communication
• D. Injection flaw

Correct answer: D

Explanation

The correct answer is D, Injection flaw, as it specifically refers to the risk of executing unintended commands through untrusted input. Options A, B, and C do not directly relate to the issue of using hostile input in file or stream operations.