Certified SOC Analyst (CSA) — Question 36

Which of the following attack can be eradicated by disabling of "allow_url_fopen and allow_url_include" in the php.ini file?

Answer options

• A. File Injection Attacks
• B. URL Injection Attacks
• C. LDAP Injection Attacks
• D. Command Injection Attacks

Correct answer: A

Explanation

Disabling 'allow_url_fopen' and 'allow_url_include' in the php.ini file prevents File Injection Attacks by stopping the execution of remote files. The other options, such as URL Injection Attacks, LDAP Injection Attacks, and Command Injection Attacks, are not directly mitigated by these settings and require different security measures.