new code functions well, it might not be secure. You begin to
                    review the code, the systems design, and the services architecture

                    to track down issues and concerns. Which of the following do you
                    hope to find in order to prevent or protect against XSS?

                    A.  Input validation

                    B.  Defensive coding

                    C.  Allowing script input

                    D.  Escaping metacharacters

               17.  What form of attack abuses a program’s lack of length limitation on
                    the data it receives before storing the input in memory, which can

                    lead to arbitrary code execution?

                    A.  ARP poisoning

                    B.  XSS

                    C.  Domain hijacking

                    D.  Buffer overflow

              18.  What security principle helps prevent users from accessing
                    memory spaces assigned to applications being run by other users?

                    A.  Separation of privilege

                    B.  Layering

                    C.  Process isolation


                    D.  Least privilege

               19.  Which security principle mandates that only a minimum number
                    of operating system processes should run in supervisory mode?

                    A.  Abstraction

                    B.  Layering

                    C.  Data hiding

                    D.  Least privilege

              20.  Which security principle takes the concept of process isolation and