A number of security incidents have been reported involving mobile web-based code developed by
a consulting company. Performing a root cause analysis, the security administrator of the
consulting company discovers that the problem is a simple programming error that results in extra
information being loaded into the memory when the proper format is selected by the user. After
repeating the process several times, the security administrator is able to execute unintentional
instructions through this method. Which of the following BEST describes the problem that is
occurring, a good mitigation technique to use to prevent future occurrences, and why it a security
concern?

A.
Problem: Cross-site scripting
Mitigation Technique. Input validation
Security Concern: Decreases the company’s profits and cross-site scripting can enable malicious
actors to compromise the confidentiality of network connections or interrupt the availability of the
network.

B.
Problem: Buffer overflow
Mitigation Technique: Secure coding standards
Security Concern: Exposes the company to liability buffer overflows and can enable malicious
actors to compromise the confidentiality/availability of the data.

C.
Problem: SQL injection
Mitigation Technique: Secure coding standards
Security Concern: Exposes the company to liability SQL injection and can enable malicious actors
to compromise the confidentiality of data or interrupt the availability of a system.

D.
Problem: Buffer overflow
Mitigation Technique: Output validation
Security Concern: Exposing the company to public scrutiny buffer overflows can enable malicious
actors to interrupt the availability of a system.