GIAC Foundational Cybersecurity Technologies Practice Test

The type of attack characterized by manipulating vulnerable code that uses untrusted data is Remote Code Execution. This attack occurs when an attacker exploits a vulnerability in a system or application, allowing them to execute arbitrary code on the target device. This can happen when the application improperly validates input or fails to sanitize untrusted data, leading to the execution of malicious commands or code that the attacker sends through inputs or requests. In Remote Code Execution, the focus is on gaining control over the victim's system by running harmful code, which often involves leveraging weaknesses in programming practices or application logic. When untrusted data is processed without adequate checks, it can enable the attacker to execute commands that the system would normally not allow, thus compromising the integrity, confidentiality, and availability of the system. The other options represent different types of attacks while also involving vulnerabilities related to untrusted input or data but do not directly focus on the execution of arbitrary code in the same manner as Remote Code Execution.