CompTIA Security+ Question I-58

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

A. Buffer overflow.
B. Command injection.
C. Spear phishing.
D. SQL injection.

Answer: C

Explanation:
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.