Certified Ethical Hacker (CEHv9) Questions and answers
97. A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?
A. Cross-site scripting vulnerability
B. Web site defacement vulnerability
C. SQL injection vulnerability
D. Cross-site Request Forgery vulnerability
98. Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?