CompTIA
CAS-003 · Question #763
CAS-003 Question #763: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #763. The question stem and answer options stay visible for context.
Technical Integration of Enterprise Security
Question
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following: The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run: Which of the following is an appropriate security control the company should implement?
Options
- ARestrict directory permission to read-only access.
- BUse server-side processing to avoid XSS vulnerabilities in path input.
- CSeparate the items in the system call to prevent command injection.
- DParameterize a query in the path variable to prevent SQL injection.
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#command injection#web application security#input validation#secure coding