اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

السؤال 328 من 1101

كل الأسئلة

تنبيه مهم

هذه الصفحة مخصصة للأرشفة وظهور السؤال في نتائج البحث فقط، وليست التجربة الفعلية للاختبار.

A security analyst recently used Arachni to perform a vulnerability assessment of a newly developed web application. The analyst is concerned about the following output:
[+] XSS: In form input 'txtSearch' with action https://localhost/search.aspx
[-] XSS: Analyzing response #1...
[-] XSS: Analyzing response #2...
[-] XSS: Analyzing response #3...
[+] XSS: Response is tainted. Looking for proof of the vulnerability.
Which of the following is the most likely reason for this vulnerability?

A The developer set input validation protection on the specific field of search.aspx.
B The developer did not set proper cross-site scripting protections in the header.
C The developer did not implement default protections in the web application build.
D The developer did not set proper cross-site request forgery protections.

السؤال السابق

السؤال التالي

لا توجد نقاشات منشورة لهذا السؤال حالياً.