Certified Ethical Hacker (CEH v12) — Question 155

During your summer internship at a tech company, you have been asked to review the security settings of their web server. While inspecting, you notice the server reveals detailed error messages to users, including database query errors and internal server errors. As a cybersecurity beginner, what is your understanding of this setting, and how would you advise the company?

Answer options

• A. Retain the setting as it aids in troubleshooting user issues.
• B. Suppress detailed error messages, as they can expose sensitive information.
• C. Implement stronger encryption to secure the error messages.
• D. Increase the frequency of automated server backups.

Correct answer: B

Explanation

The correct answer is B because detailed error messages can provide attackers with information that could lead to vulnerabilities being exploited. Options A and C do not address the security risk posed by the exposure of sensitive information, while D is unrelated to the issue of error messages.