Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which attack allows an adversary to input invalid data into a program in an attempt to gain unauthorized access?

  1. Code Injection

  2. Cross-Site Scripting

  3. Improper Input Handling

  4. Session Hijacking

The correct answer is: Code Injection

The situation described relates to a scenario where an adversary attempts to exploit a vulnerability in a program by inputting malicious or invalid data. Code injection is a well-known attack vector that occurs when an attacker is able to introduce or "inject" code into a program. This malicious code can manipulate the program's behavior or enable unauthorized access to sensitive information or systems.

In particular, code injection exploits include SQL injection, where SQL commands are entered into input fields, and command shell injection, where system commands may be executed. This type of attack targets applications that do not properly validate or sanitize user inputs, allowing an attacker to execute arbitrary commands or queries.

In contrast, the other options describe different security concerns: Cross-Site Scripting (XSS) primarily deals with injecting scripts into web pages viewed by other users; Improper Input Handling concerns the general failure to validate or sanitize inputs, which may lead to various vulnerabilities, but does not specifically describe the direct injection of code; and Session Hijacking involves exploiting a user's session tokens to impersonate them, rather than manipulating input into a program directly. Therefore, the most precise choice for an attack that involves inputting invalid data with the intention of unauthorized access is indeed code injection.