CompTIA PenTest+ (PT0-001) — Question 16
A penetration tester was able to enter an SQL injection command into a text box and gain access to the information store on the database. Which of the following is the BEST recommendation that would mitigate the vulnerability?
Answer options
- A. Randomize the credentials used to log in.
- B. Install host-based intrusion detection.
- C. Implement input normalization.
- D. Perform system hardening.
Correct answer: C
Explanation
Implementing input normalization is the best recommendation because it ensures that data entered into the system is properly validated and sanitized, which prevents SQL injection attacks. Randomizing credentials, installing host-based intrusion detection, and performing system hardening are useful security measures, but none of them addresses the input validation issue that led to the SQL injection vulnerability.