Certified SOC Analyst (CSA) — Question 61
Wesley is an incident handler at a company named Maddison Tech. One day, he was learning techniques for eradicating insecure deserialization attacks.
Which of the following practices should Wesley avoid?
Answer options
- A. Deserialization of trusted data must not cross a trust boundary
- B. Understand the security permissions given to serialization and deserialization
- C. Allow serialization for security-sensitive classes
- D. Validate untrusted input that is to be serialized, to ensure that the serialized data contain only trusted classes
Correct answer: C
Explanation
The correct answer is C. Marking security-sensitive classes as serializable is something Wesley should avoid: it writes their internal state (credentials, tokens, privilege flags) into a byte stream that can be read or tampered with, and it gives an attacker a class that the application will reconstruct from untrusted bytes. The recommended practice is the opposite, which is to refuse serialization for such classes. Options A, B, and D are established countermeasures against deserialization attacks and should be part of Wesley's approach: keep trusted serialized data inside its trust boundary, know what permissions the serialization and deserialization code runs with, and validate input so that only trusted classes can ever be reconstructed.
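The following Python example, added here and not part of the original question or of any EC-Council material, shows options C and D in code using the standard `pickle` module. It assumes a hypothetical `Order` class that the application legitimately serializes, a hypothetical `SessionSecret` class that must never be serialized, and a constructed attacker payload whose only effect is to call `os.getenv` with a harmless default value, which is enough to prove that an unrestricted load executes an attacker-chosen callable.

```python
import io
import os
import pickle


class Order:
    """Hypothetical data-carrying class the application legitimately serializes."""

    def __init__(self, order_id, sku, quantity):
        self.order_id = order_id
        self.sku = sku
        self.quantity = quantity

    def __eq__(self, other):
        return isinstance(other, Order) and vars(self) == vars(other)


class SessionSecret:
    """Hypothetical security-sensitive class (option C): refuses to be serialized."""

    def __init__(self, token):
        self._token = token

    def __reduce_ex__(self, protocol):
        # pickle.dumps() calls this first; raising here means the token
        # can never be written into a byte stream by accident.
        raise TypeError("SessionSecret is security-sensitive and is not serializable")


# Option D: the only globals a stream is allowed to reference. Everything else,
# including os.getenv, subprocess.Popen or builtins.eval, is rejected on sight.
ALLOWED_GLOBALS = {(Order.__module__, "Order")}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves class references only through the allowlist."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


def safe_loads(data):
    """Deserialize untrusted bytes, allowing only trusted classes."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


class _AttackerPayload:
    """Constructed malicious object: on load, pickle calls the callable returned here."""

    def __reduce__(self):
        # Harmless stand-in for an attacker's command; the variable name is
        # assumed to be unset so os.getenv returns the marker string.
        return (os.getenv, ("CSA_Q61_UNSET_VARIABLE", "attacker-chosen callable ran"))


def build_attacker_payload():
    """Bytes an attacker would submit to a service that unpickles its input."""
    return pickle.dumps(_AttackerPayload())


def unrestricted_load_result():
    """What plain pickle.loads does with the payload: runs the attacker's callable."""
    return pickle.loads(build_attacker_payload())


def restricted_load_blocked():
    """True if the allowlisting unpickler refuses the same payload."""
    try:
        safe_loads(build_attacker_payload())
    except pickle.UnpicklingError:
        return True
    return False


def secret_serialization_blocked():
    """True if serializing the security-sensitive class is refused (option C)."""
    try:
        pickle.dumps(SessionSecret("bearer-token-value"))
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    order = Order("A-1001", "SKU-42", 3)
    assert safe_loads(pickle.dumps(order)) == order
    print("unrestricted load ->", unrestricted_load_result())
    print("restricted load blocked ->", restricted_load_blocked())
    print("secret serialization blocked ->", secret_serialization_blocked())
```

The trusted `Order` round-trips through `safe_loads` unchanged, the attacker payload runs its callable under plain `pickle.loads` but is refused by the allowlisting unpickler, and `pickle.dumps` of a `SessionSecret` fails outright. Note that the allowlist is the control that matters: a denylist of known-dangerous globals would be bypassed by the next gadget an attacker finds.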