Different Responses for Different Actors Discussion

I need support with this Writing question so I can learn better.

1. Title: Different Responses for Different Actors?

Entities aimed at exposing secrets rather than benefiting from obtained information – such as hacktivists or Julian Assange – are much different threats than cyber-criminals, terrorists, or state-based espionage. Based on their intent, should we view them in the same light? Should the law enforcement or intelligence response differ based on the actor? Should the legal system handle a hacktivist differently than a cyber-criminal, a spy, or a terrorist?

2. XXE and RCE

This week’s readings deal with XXE and RCE vulnerabilities. One vulnerability is related to XML and the other is related to accessing another computer system to perform malicious actions. Can exploitation of one vulnerability also lead to the exploitation of the other? Please explain your position in 200 words or more.

3. Which explanation about remote code execution is not correct? Justify your choice

XXE attacks are exploited by attackers when an application poorly parses XML.
The geographic location of a computing system is irrelevant to an RCE attack.
RCE can be exploited in one of two ways; by using executing shell commands and by executing functions or in the programming language of the vulnerable application.
RCE vulnerabilities are prevented when user input is incorrectly sanitized.
A major difference between RCE and XSS exploits is that an RCE attack usually targets a system to self-promote the attacker’s privileges, and an XSS attack usually targets a system or application to gain access only.