300-215 Question #42: Real Exam Question with Answer & Explanation
The correct answer is A: Enable URL decoding on WAF.
Question
A security team needs to prevent a remote code execution vulnerability. The vulnerability can be exploited only by sending the '${' string in the HTTP request. A WAF rule is blocking '${', but system engineers detect that attackers are executing commands on the host anyway. Which action should the security team recommend?
Options
- A. Enable URL decoding on WAF.
- B. Block incoming web traffic.
- C. Add two WAF rules to block '$' and '{' characters separately.
- D. Deploy antimalware solution.
Explanation
Attackers can URL-encode the ${ sequence (e.g. %24%7B) to bypass a literal string block. Enabling URL decoding ensures the WAF normalizes and inspects decoded payloads, catching the ${ before it reaches the application.
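An added illustration of the explanation above (not part of the original question page): a literal '${' match on the raw request beside the same match applied after URL normalization, run over constructed sample requests. It goes one step beyond the question by decoding repeatedly (with a bound), which also catches double-encoded payloads such as %2524%257B that a single decoding pass would miss.

```python
from urllib.parse import unquote

# Constructed sample requests (not captured traffic); "${" is the
# sequence the question's WAF rule is meant to block.
SAMPLE_REQUESTS = {
    "plain":          "/api?input=${cmd}",
    "url_encoded":    "/api?input=%24%7Bcmd%7D",
    "double_encoded": "/api?input=%2524%257Bcmd%257D",
    "benign":         "/api?input=hello%20world",
}

BLOCKED_SEQUENCE = "${"


def literal_rule_blocks(raw_request: str) -> bool:
    """The rule as the question describes it: a literal match on the raw request."""
    return BLOCKED_SEQUENCE in raw_request


def normalize(raw_request: str, max_rounds: int = 3) -> str:
    """URL-decode until the string stops changing, bounded so hostile input
    cannot force unbounded work. One round is what 'enable URL decoding'
    provides; further rounds also unwrap double-encoded payloads."""
    current = raw_request
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def decoding_rule_blocks(raw_request: str, max_rounds: int = 3) -> bool:
    """The same literal rule, evaluated on the normalized request."""
    return BLOCKED_SEQUENCE in normalize(raw_request, max_rounds)


def compare_rules(requests: dict) -> dict:
    """Map each sample name to (literal rule blocks?, decoding rule blocks?)."""
    return {name: (literal_rule_blocks(req), decoding_rule_blocks(req))
            for name, req in requests.items()}


if __name__ == "__main__":
    for name, (literal, decoded) in compare_rules(SAMPLE_REQUESTS).items():
        print(f"{name:15} literal={literal!s:5} with_decoding={decoded}")
```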