A penetration tester is testing a web application and is logged in as a lower-privileged user. The tester runs arbitrary JavaScript within an application, which sends an XMLHttpRequest, resulting in exploiting features to which only an administrator should have access. Which of the following controls would BEST mitigate the vulnerability?
A) Implement authorization checks.
B) Sanitize all the user input.
C) Prevent directory traversal.
D) Add client-side security controls.
Correct Answer:
Verified