AVirtual Private Network (VPN) (B)encrypts all data transmitted between remote users and the enterprise infrastructure, ensuringconfidentiality. VPNs are essential in protecting sensitive data from interception over untrusted networks.
This is covered underDomain 3.3: Secure network designs, whereVPNsare listed as a key control forensuring confidentiality of remote connections.
Reference: CompTIA Security+ SY0-701 Objectives, Domain 3.3 - "Remote access security: VPN (ensures confidentiality)."

Input validation is the primary defense against injection attacks, such as SQL injection or command injection. It ensures that user-supplied data is properly sanitized before processing, preventing attackers from injecting malicious code.
Authentication (A) helps verify user identity but does not prevent injection attacks.
Secure cookies (B) improve session security but do not address injection vulnerabilities.
Static code analysis (C) helps identify vulnerabilities in source code but does not actively prevent attacks in real-time.
Reference:
CompTIA Security+ SY0-701 Official Study Guide, Threats, Vulnerabilities, and Mitigations domain.

Detailed Explanation:Insecure key storage refers to vulnerabilities caused by improper handling of cryptographic keys and certificates, such as storing them in plaintext or lacking access controls. Reference:
CompTIA Security+ SY0-701 Study Guide, Domain 2: Threats, Section: "Cryptographic Vulnerabilities and Mitigation".

A partially known environment is a type of penetration test where the tester has some information about the target, such as the IP address, the operating system, or the device type. This can help the tester focus on specific vulnerabilities and reduce the scope of the test. A partially known environment is also called a gray box test1.