A penetration tester finds that an application responds with the contents of the /etc/passwd file when the following payload is sent: Which of the following should the tester recommend in the report to best prevent this type of vulnerability?
A. Drop all excessive file permissions with chmod o-rwx.
B. Ensure the requests application access logs are reviewed frequently.
C. Disable the use of external entities.
D. Implement a WAF to filter all incoming requests.
This vulnerability is likely caused by XML External Entity (XXE) injection, where an application improperly processes XML input and allows attackers to access sensitive files like /etc/passwd. Disabling external entities in the XML parser prevents attackers from exploiting this weakness.
Option A (chmod o-rwx): While restricting file permissions is a good security practice, it does not directly prevent XXE attacks.
Option B (Reviewing logs frequently): Monitoring logs helps detect attacks but does not prevent them.
Option D (Implementing a WAF): A Web Application Firewall (WAF) can help filter malicious requests, but it is not a foolproof solution against XXE vulnerabilities.
For a more robust defense, developers should also use secure XML parsers, validate input, and implement proper access controls.
upvoted 1 times
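As an added example (not part of the question or of the comment above), here is what the recommended fix looks like in code: a Python parser built on the standard-library expat bindings that refuses any DOCTYPE (the only place entities can be declared) and any external entity reference, so input of the kind the question describes is rejected before a file could be read. The two sample documents and the `parse_flat_record` helper are constructed for this example.

```python
import xml.parsers.expat as expat

# Constructed sample inputs for this example (not taken from the page).
SAFE_DOC = b"<?xml version='1.0'?><user><name>alice</name><role>analyst</role></user>"
# Input of the kind the question describes: a DTD declaring an external
# entity that points at a local file, expanded inside the document body.
XXE_DOC = (b"<?xml version='1.0'?>"
           b"<!DOCTYPE user [<!ENTITY xxe SYSTEM 'file:///etc/passwd'>]>"
           b"<user><name>&xxe;</name></user>")


class UntrustedXMLError(ValueError):
    """Raised when untrusted XML tries to use DTD or external entity features."""


def parse_flat_record(data: bytes) -> dict:
    """Parse a flat <root><field>text</field>...</root> document from an
    untrusted source with entity processing disabled rather than filtered.

    Entities can only be declared inside a DTD, so refusing any DOCTYPE
    removes external entity resolution (and entity-expansion bombs) at the
    parser; the external/parameter entity settings are belt-and-braces.
    """
    fields: dict = {}
    current: list = []  # [tag, [text chunks]] of the currently open leaf element

    def reject_doctype(*_):
        raise UntrustedXMLError("DOCTYPE declarations are not permitted")
    def reject_external_entity(*_):
        raise UntrustedXMLError("external entity references are not permitted")
    def start_element(tag, _attrs):
        current[:] = [tag, []]
    def char_data(text):
        if current:
            current[1].append(text)
    def end_element(tag):
        if current and current[0] == tag:
            fields[tag] = "".join(current[1])
            current.clear()

    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.ExternalEntityRefHandler = reject_external_entity
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    parser.StartElementHandler = start_element
    parser.CharacterDataHandler = char_data
    parser.EndElementHandler = end_element
    parser.Parse(data, True)  # raises UntrustedXMLError before any entity is resolved
    return fields
```

Contrast this with option D: the parser-level setting removes the capability outright, whereas a WAF only tries to recognise the request carrying the DTD.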
Community vote distribution: A (35%), C (25%), B (20%), Other
680e6b7
4 days, 2 hours ago