Which of the following attacks can be mitigated by encoding or escaping output and by validating or sanitizing user input?
A. XSS attacks
B. rootkit attacks
C. DDoS attacks
D. phishing attacks
Explanation:
Cross-site scripting (XSS) attacks can be mitigated by encoding or escaping output and by validating or sanitizing user input. An XSS vulnerability exists when a web application places untrusted data (form fields, URL parameters, stored comments, and so on) into a page without encoding it for the context where it lands, so the attacker's script runs in the victim's browser with the privileges of the vulnerable site. A common XSS exploit is performed when an attacker inserts malicious script into input fields on a web form. The script is often masked by using alternate encoding, such as Hypertext Markup Language (HTML) entities or hexadecimal characters, to slip past blocklist filters that only look for literal strings such as <script>; this is why the recommended defense is allowlist validation of input plus context-aware output encoding rather than blocklisting. If the attack is successful, the attacker can inject code into a webpage, which could allow the attacker to perform a variety of malicious tasks, such as redirecting webpage visitors to another website or harvesting session cookies from the victim's browser.
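The following is an added example (not code from the original page or from the OWASP cheat sheet it cites) showing the two defenses side by side in JavaScript: allowlist validation for a field with a strict format, and context-aware output encoding for element content and attribute values. All function names and the sample payloads are constructed for this illustration.

```javascript
// Added example: context-aware output encoding and allowlist input validation
// against XSS. Not from the original page; all names below are hypothetical.

// Encode for HTML element content (text between tags). The five characters
// that can change HTML parsing state become entities. Encoding '&' FIRST is
// what neutralises attacker-supplied entities such as "&#x3C;": they stay
// literal text on the page and are never re-interpreted as a tag.
function encodeForHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#x27;');
}

// Encode for an HTML attribute value (e.g. data-author="..."). Stricter than
// the element-content encoder: every character outside [A-Za-z0-9] becomes a
// numeric entity, so the value cannot close the quote or the tag.
function encodeForHtmlAttribute(value) {
  return String(value).replace(/[^A-Za-z0-9]/g, (ch) =>
    `&#x${ch.charCodeAt(0).toString(16).toUpperCase()};`);
}

// Allowlist validation for a username: 3-20 characters from a fixed set.
// Validation narrows what reaches the template; it does not replace output
// encoding, because free-text fields must legitimately contain '<' or '&'.
function isValidUsername(name) {
  return /^[A-Za-z0-9_]{3,20}$/.test(String(name));
}

// Vulnerable: reflects the user-supplied name straight into the page.
function renderGreetingVulnerable(name) {
  return `<p>Hello, ${name}!</p>`;
}

// Hardened: validate where a strict format exists, then encode for the exact
// context the value lands in.
function renderGreetingSafe(name) {
  if (!isValidUsername(name)) {
    throw new Error('invalid username');
  }
  return `<p>Hello, ${encodeForHtml(name)}!</p>`;
}

// Free-text comment: no strict format exists, so output encoding carries the
// whole load. Author goes into an attribute, text into element content.
function renderComment(author, text) {
  return `<div class="comment" data-author="${encodeForHtmlAttribute(author)}">` +
    `${encodeForHtml(text)}</div>`;
}

// Constructed sample payloads (not from the page): a plain tag injection and
// the same payload with '<' and '>' masked as hex entities to evade a naive
// blocklist filter.
const PAYLOAD_PLAIN = '<img src=x onerror=alert(1)>';
const PAYLOAD_HEX = '&#x3C;img src=x onerror=alert(1)&#x3E;';

// Demonstration: the vulnerable renderer ships the tag to the browser; the
// hardened renderers turn both payload forms into inert text.
console.log(renderGreetingVulnerable(PAYLOAD_PLAIN));
console.log(renderComment('mallory', PAYLOAD_PLAIN));
console.log(renderComment('mallory', PAYLOAD_HEX));
```

Note that these encoders cover HTML element content and attribute values only; data placed inside a <script> block, a URL, or a CSS value needs the encoder for that context, as the OWASP cheat sheet lists. Where an application must accept rich HTML from users, sanitizing means parsing the markup and keeping only an allowlist of tags and attributes with a purpose-built library, not stripping strings with regular expressions.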
Distributed Denial of Service (DDoS) attacks cannot be mitigated by encoding or escaping output or by validating or sanitizing user input. A DDoS attack exhausts the bandwidth, connection state, or application resources of a target, such as a web server, to limit access to it, prevent access to it, or shut it down entirely. Perpetrators of DDoS attacks typically use zombies: computers that are controlled remotely by malicious users without the knowledge of the computer's owner, collectively called a botnet. In a DDoS attack, a malicious user directs the zombies to send a flood of packets to the intended target. The goal of the attack is to send so many packets that the target can no longer accept them; overloading the target prevents legitimate hosts from connecting to it. To mitigate DDoS attacks, you should ensure that firewalls are in place and updated, that endpoints are protected against malware so they cannot be recruited as zombies, and that upstream filtering or rate limiting is available for traffic that exceeds the target's capacity.
Phishing attacks cannot be mitigated by encoding or escaping output or by validating or sanitizing user input. Phishing is a social engineering technique in which a malicious person uses a seemingly legitimate electronic communication, such as an email or a webpage, in an attempt to dupe a user into submitting personal information, such as a Social Security number (SSN), account login information, or financial information. Spear phishing is a form of phishing that targets specific individuals. Spear phishing is considered whaling only when it specifically targets high-ranking executives of a corporation, such as chief executive officers (CEOs) or chief financial officers (CFOs). To mitigate the effects of a phishing attack, users should use email clients and web browsers that provide phishing filters as well as up-to-date antimalware programs. In addition, users should be wary of any unsolicited email or web content that requests personal information.
Rootkit attacks cannot be mitigated by encoding or escaping output or by validating or sanitizing user input. A rootkit is a type of malware that hides its presence and can be used to create a back door on a computer so that an attacker can regain access to the computer in the future. There are five different types of rootkits: user-mode rootkits, kernel-mode rootkits, bootloader rootkits, memory rootkits, and firmware rootkits. Rootkit attacks can be mitigated by ensuring that endpoints are protected with up-to-date antimalware programs; because a kernel-mode or lower rootkit can blind software running on the compromised system, scanning from trusted boot media and verifying boot integrity are useful complements.
Reference: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
https://checkmarx.com/2017/10/09/3-ways-prevent-xss/