Exam CS0-003 topic 1 question 378 discussion

Actual exam question from CompTIA's CS0-003

Question #: 378
Topic #: 1

A web application has a function to retrieve content from an internal URL to identify CSRF attacks in the logs. The security analyst is building a regular expression that will filter out the correctly formatted requests. The target URL is https://10.1.2.3/api, and the receiving API only accepts GET requests and uses a single integer argument named “id.” Which of the following regular expressions should the analyst use to achieve the objective?

A. ^(?!https://10\.1\.2\.3/api\?id=[0-9]+)
B. ^https://10\.1\.2\.3/api\?id=\d+
C. (?:^https://10\.1\.2\.3/api\?id=[0-9]+)
D. ^https://10\.1\.2\.3/api\?id=[0-9]+$

Show Suggested Answer

Suggested Answer: D 🗳️

by hashed_pony at Jan. 5, 2025, 12:45 p.m.

Comments

Submit Cancel

hashed_pony

Highly Voted 3 months, 2 weeks ago

Selected Answer: D

Who's going to memorize regex for an exam? You have to be kidding... Anyway, just memorized it start with an ^ and ends with a $ sign. -_-

upvoted 7 times

...

4ee1800

Most Recent 3 weeks, 1 day ago

Selected Answer: D

^...$ = Perfectly matches the entire string.

upvoted 1 times

...

Popeyes_Chicken

3 months ago

Selected Answer: D

D. ^https://10\.1\.2\.3/api\?id=[0-9]+$ Matches the URL exactly from start (^) to end ($), making sure no extra characters exist before or after the URL. It meets all the stated requirements.

upvoted 3 times

...

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam

Exam CS0-003 topic 1 question 378 discussion

Comments

hashed_pony

4ee1800

Popeyes_Chicken

SY0-701