Exam SY0-701 topic 1 question 404 discussion

Actual exam question from CompTIA's SY0-701
Question #: 404
Topic #: 1

An organization's web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization's web servers? (Choose two.)

  • A. Regularly updating server software and patches
  • B. Implementing strong password policies
  • C. Encrypting sensitive data at rest and in transit
  • D. Utilizing a web-application firewall
  • E. Performing regular vulnerability scans
  • F. Removing payment information from the servers
Suggested Answer: AD

Comments

ProudFather
3 weeks, 3 days ago
Selected Answer: DE
A web application firewall (WAF) is specifically designed to protect web applications from attacks like SQL injection, cross-site scripting (XSS), and other web-based vulnerabilities. It can filter and block malicious requests, preventing attackers from exploiting vulnerabilities in the web application. Regular vulnerability scans help identify and address vulnerabilities in the web servers and applications. This includes identifying and patching the vulnerability that allowed the JavaScript injection.
upvoted 1 times
...
Fourgehan
1 month, 2 weeks ago
Selected Answer: AD
A. Regularly updating server software and patches (Keeping server software and any associated components up to date is essential in preventing known vulnerabilities from being exploited. This includes updating the web server, libraries, frameworks, and other software that could be vulnerable to attack, including JavaScript injection vulnerabilities)
D. Utilizing a web-application firewall (A WAF is specifically designed to filter, monitor, and block malicious traffic directed at a web application. It can detect and block a wide range of attacks, including JavaScript injection, cross-site scripting (XSS), and other common web-based threats)
upvoted 4 times
...
AriGarcia
1 month, 2 weeks ago
Selected Answer: AD
Keeping server software up-to-date ensures that known vulnerabilities, including those that could be exploited for JavaScript injection, are patched. Many attacks exploit outdated software, so this is a critical step in mitigation. A WAF is specifically designed to detect and block malicious web traffic, including JavaScript injection attacks. It inspects incoming HTTP/S requests and can filter out malicious payloads targeting vulnerabilities in web applications.
upvoted 2 times
...