CompTIA
PT0-001 · Question #95
PT0-001 Question #95: Real Exam Question with Answer & Explanation
Sign in or unlock PT0-001 to reveal the answer and full explanation for question #95. The question stem and answer options stay visible for context.
Vulnerability discovery and analysis
Question
A recently concluded penetration test revealed that a legacy web application is vulnerable lo SQL injection Research indicates that completely remediating the vulnerability would require an architectural change, and the stakeholders are not m a position to risk the availability of the application Under such circumstances, which of the following controls are low-effort, short-term solutions to minimize the SQL injection risk? (Select TWO).
Options
- AIdentify and eliminate inline SQL statements from the code.
- BIdentify and eliminate dynamic SQL from stored procedures.
- CIdentify and sanitize all user inputs.
- DUse a whitelist approach for SQL statements.
- EUse a blacklist approach for SQL statements.
- FIdentify the source of malicious input and block the IP address.
Unlock PT0-001 to see the answer
You've previewed enough free PT0-001 questions. Unlock PT0-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#SQL injection#input validation#whitelist filtering#vulnerability mitigation