In this type of attack, a hacker alters the content of the web page by using HTML code and by identifying the form fields that lack valid constraints?

• A. Command Injection Attacks
• B. Web Defacement
• C. Cookie Tampering
• D. SQL Injection Attacks

Answer: (A)

This question is about how unvalidated user input can be used to change what a webpage displays. When form fields don’t enforce proper constraints or encoding, an attacker can submit HTML code that gets embedded in the page output. That allows the attacker to alter the page’s content, which is the essence of web defacement. The attacker isn’t just sending data to the server or database; they’re manipulating the visible page itself by injecting HTML. The other attack types target different mechanisms: command injection tries to run commands on the server, cookie tampering modifies session data stored in cookies, and SQL injection alters database queries. So, the scenario described aligns best with web defacement through HTML injection, which is made possible by lack of proper input validation.