A penetration tester noticed special characters in a database table. The penetration tester configured the browser to use an HTTP interceptor to verify that the front-end user registration web form accepts invalid input in the user's age field. The developer was notified and asked to fix the issue. Which of the following is the MOST secure solution for the developer to implement? A) IF $AGE == "!@#$%^&*()_+?":{}[]" THEN ERROR B) IF $AGE == [1234567890] {1,3} THEN CONTINUE C) IF $AGE != "a-bA-Z!@#$%^&*()_+?":{}[] "THEN CONTINUE D) IF $AGE == [1-0] {0,2} THEN CONTINUE

Question

A penetration tester noticed special characters in a database table. The penetration tester configured the browser to use an HTTP interceptor to verify that the front-end user registration web form accepts invalid input in the user's age field. The developer was notified and asked to fix the issue. Which of the following is the MOST secure solution for the developer to implement? A) IF $AGE == "!@#$%^&*()_+<>?":{}[]" THEN ERROR B) IF $AGE == [1234567890] {1,3} THEN CONTINUE C) IF $AGE != "a-bA-Z!@#$%^&*()_+<>?":{}[] "THEN CONTINUE D) IF $AGE == [1-0] {0,2} THEN CONTINUE

Quizplus · Accepted Answer

The most secure solution is to validate that the age field contains only numeric values and is within a reasonable range. Option B checks if the age consists of 1 to 3 digits, which is appropriate for an age field.

A Penetration Tester Noticed Special Characters in a Database Table