Which of the following is a best practice for error and exception handling?

A. Log detailed exception but display generic error message

B. Display detailed exception but log generic error message

C. Log and display detailed error and exception messages

D. Do not log or display error or exception messages

Explanation:
A detailed explanation of the error is not helpful for most end users but might provide information that is useful to a hacker. It is therefore better to display a simple but helpful message to the end user and log the detailed information to an access-restricted log file for the administrator and programmer who would need as much information as possible about the problem in order to rectify it.

Incorrect Answers:
B, C, D: The programmer would need as much information as possible about the problem in order to rectify it. However, a detailed explanation of the error should not be displayed to the end user as this information might be useful to a hacker. Therefore, a detailed explanation should be logged and a generic message should be displayed to the end user.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 219
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 230
