CompTIA CASP+ (CAS-004) — Question 120
A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:
(&(objectClass=*)(objectClass=*))(&(objectClass=void)(type=admin))
Which of the following would BEST mitigate this vulnerability?
Answer options
- A. Network intrusion prevention
- B. Data encoding
- C. Input validation
- D. CAPTCHA
Correct answer: C
Explanation
Input validation ensures that only properly formatted data is accepted, which can prevent malicious payloads from being processed. Network intrusion prevention, data encoding, and CAPTCHA can each provide some level of security, but none of them directly addresses the core issue, which is validating input so that harmful requests like the one shown are blocked.