CompTIA Security Plus Mock Test Q747

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

A. Input validation
B. Network intrusion detection system
C. Anomaly-based HIDS
D. Peer review


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input
submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.

Incorrect Answers:
B: A network-based IDS (NIDS) is an intrusion detection system that scans network traffic in real time and is useful for detecting network-based attacks.
C: A host-based IDS (HIDS) is an intrusion detection system that runs as a service on a host computer system. It is used to monitor the machine logs, system events, and application
activity for signs of intrusion. It does not prevent attacks, such as cross-site scripting attacks and buffer overflows, but detects it.
D: Peer review is the process of reviewing source code before the software is released. This is performed by a peer rather than by the programmer.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 111-112, 116-117, 257, 338
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 21, 197, 216, 319