212-82 Question #102: Real Exam Question with Answer & Explanation
The correct answer is C: Exception handling.
Question
Miguel, a professional hacker, targeted an organization to gain illegitimate access to its critical information. He identified a flaw in the end-point communication that can disclose the target application's data. Which of the following secure application design principles was not met by the application in the above scenario?
Options
- A. Secure the weakest link
- B. Do not trust user input
- C. Exception handling
- D. Fault tolerance
Explanation
Exception handling is a secure application design principle that states that the application should handle errors and exceptions gracefully and securely, without exposing sensitive information or compromising the system's functionality. Exception handling can help prevent attackers from exploiting errors or exceptions to gain access to data or resources or cause denial-of-service attacks. In the scenario, Miguel identified a flaw in the end-point communication that can disclose the target application's data, which means that the application did not meet the exception handling principle.