Certified Ethical Hacker (CEH v12) — Question 231
A large multinational corporation is evaluating its security infrastructure to identify potential vulnerabilities. After a comprehensive analysis, it found multiple areas of concern, including time of check/time of use (TOC/TOU) errors, improper input handling, and poor patch management. Which of the following approaches will best help the organization mitigate the vulnerability associated with TOC/TOU errors?
Answer options
- A. Regular patching of servers, firmware, operating system, and applications
- B. Ensuring atomicity of operations between checking and using data resources
- C. Frequently updating firewall configurations to prevent intrusion attempts
- D. Implementing stronger encryption algorithms for all data transfers
Correct answer: B
Explanation
The correct answer is B. Making the check and the subsequent use of a data resource atomic, meaning the two complete as a single operation without interruption, leaves no gap in which the resource can change between being checked and being used, which directly mitigates TOC/TOU errors. The other options, while important for overall security, do not specifically address the timing issues inherent in TOC/TOU vulnerabilities.