Which of the following does this help prevent?

Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?

Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?

A.
Buffer overflow

B.
Pop-up blockers

C.
Cross-site scripting

D.
Fuzzing

Explanation:
Buffer overflow is an exploit at programming error, bugs and flaws. It occurs when an application is fed more input data than it is programmed to handle. This may
cause the application to terminate or to write data beyond the end of the allocated space in memory. The termination of the application may cause the system to
send the data with temporary access to privileged levels in the system, while overwriting can cause important data to be lost. Proper error and exception handling
and input validation will help prevent Buffer overflow exploits.
Incorrect Answers:
B: Pop-up blockers prevent websites from opening new browser windows without the users consent. These are often used for advertisements but can also be used
to distribute malicious code. This does not entail error and exception handling alongside input validation.
C: Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors.
XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.

D: Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then
monitored for exceptions such as crashes, or failed validation, or memory leaks.

http://en.wikipedia.org/wiki/Fuzz_testing
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 338, 218
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 192, 197, 229, 246



Leave a Reply 0

Your email address will not be published. Required fields are marked *