CompTIA CASP+ (CAS-004) — Question 572
A security engineer performed an assessment on a recently deployed web application. The engineer was able to exfiltrate a company report by visiting the following URL:
www.intranet.abc.com/get-files.jsp?file=report.pdf
Which of the following mitigation techniques would be BEST for the security engineer to recommend?
Answer options
- A. Input validation
- B. Firewall
- C. WAF
- D. DLP
Correct answer: A
Explanation
Input validation is the best recommendation because it ensures that the application accepts only properly formatted data, here the value of the file parameter in the request, which prevents unauthorized access to files. A firewall primarily controls traffic and may not specifically address this type of vulnerability. A WAF protects web applications from attacks but does not directly mitigate issues related to file access. DLP focuses on preventing data loss rather than validating inputs.