Multiple Choice
A penetration tester is testing a web application and is logged in as a lower-privileged user. The tester runs arbitrary JavaScript within an application, which sends an XMLHttpRequest, resulting in exploiting features to which only an administrator should have access. Which of the following controls would BEST mitigate the vulnerability?
A) Implement authorization checks.
B) Sanitize all the user input.
C) Prevent directory traversal.
D) Add client-side security controls.
Correct Answer:

Verified