CompTIA CASP+ (CAS-004) — Question 293
A penetration tester discovers a condition that causes unexpected behavior in a web application. This results in the dump of the interpreter's debugging information, which includes the interpreter's version, full path of binary files, and the user ID running the process. Which of the following actions would best mitigate this risk?
Answer options
- A. Include routines in the application for message handling.
- B. Adopt a compiled programming language instead.
- C. Perform SAST vulnerability scans on every build.
- D. Validate user-generated input.
Correct answer: A
Explanation
Including routines for message handling (catching exceptions at the application boundary, returning a generic error response, and writing the full details to a server-side log) directly addresses the finding: the client never receives the stack trace, interpreter version, binary paths, or process user ID that an attacker would use to fingerprint the host and plan further attacks. Disabling the framework's debug mode in production is the usual companion setting, but the application still needs its own handler for unexpected conditions so that nothing falls through to a default debug page. Switching to a compiled language does not fix improper error handling; a compiled binary can disclose just as much through a verbose crash handler. SAST scans on every build and input validation are sound practices and may reduce how often the condition is triggered, but neither controls what the application discloses when an unexpected error does occur.
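As an added illustration of answer A (this code is not part of the exam page), the snippet below contrasts a dispatcher that behaves like a framework debug page with one that contains the message-handling routine the explanation describes. The request dictionary, the `lookup_user` endpoint and the in-memory `SERVER_LOG` are hypothetical stand-ins for a real web framework's request object and logging backend.

```python
"""Error handling that keeps interpreter debugging output off the wire.

Added example, not from the exam page. 'request' is a plain dict standing in
for a framework request; lookup_user and SERVER_LOG are hypothetical.
"""
import logging
import os
import sys
import traceback
import uuid

# Constructed in-memory log sink so the server-side record can be inspected.
SERVER_LOG = []


class _ListHandler(logging.Handler):
    def emit(self, record):
        SERVER_LOG.append(self.format(record))


logger = logging.getLogger("webapp")
logger.addHandler(_ListHandler())
logger.setLevel(logging.ERROR)


def lookup_user(request):
    """Hypothetical endpoint: raises KeyError when 'user' is missing."""
    return {"status": 200, "body": "user=%s" % request["params"]["user"]}


def debug_dispatch(handler, request):
    """Insecure: mimics a debug page. On any exception the traceback plus
    interpreter details are returned to the client, which is the condition
    the penetration tester found."""
    try:
        return handler(request)
    except Exception:
        body = "\n".join([
            traceback.format_exc(),
            "Python: " + sys.version,
            "Binary: " + sys.executable,
            "UID: " + str(os.getuid() if hasattr(os, "getuid") else "n/a"),
        ])
        return {"status": 500, "body": body}


def safe_dispatch(handler, request):
    """Hardened message-handling routine. The traceback goes to the server
    log under a correlation id; the client receives only a generic message
    and that id, so support staff can still find the record."""
    try:
        return handler(request)
    except Exception:
        ref = uuid.uuid4().hex[:12]
        logger.error("unhandled exception ref=%s\n%s", ref, traceback.format_exc())
        return {"status": 500, "body": "Internal server error (ref: %s)" % ref}


if __name__ == "__main__":
    malformed = {"params": {}}  # constructed request that triggers the fault
    print(debug_dispatch(lookup_user, malformed)["body"])
    print(safe_dispatch(lookup_user, malformed)["body"])
    print(SERVER_LOG[-1])
```

The correlation id is what makes the generic message workable in practice: operators can match a user-reported reference to the full server-side record without the details ever leaving the host.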