During the review of a web-based software development project, an IS auditor realizes that coding
standards are not enforced and code reviews are rarely carried out. This will MOST likely increase
the likelihood of a successful:

A.
buffer overflow.

B.
brute force attack.

C.
distributed denial-of-service attack.

D.
war dialing attack.

Explanation:

Poorly written code, especially in web-based applications, is often exploited by hackers using
buffer overflow techniques. A brute force attack is used to crack passwords. A distributed denialof-service attack floods its target with numerous packets, to prevent it from responding to
legitimate requests. War dialing uses modem-scanning tools to hack PBXs.