Certified Ethical Hacker (CEH v13) — Question 130

During your summer internship at a tech company, you have been asked to review the security settings of their web server. While inspecting, you notice the server reveals detailed error messages to users, including database query errors and internal server errors. As a cybersecurity beginner, what is your understanding of this setting, and how would you advise the company?

Answer options

• A. Retain the setting as it aids in troubleshooting user issues.
• B. Suppress detailed error messages, as they can expose sensitive information.
• C. Implement stronger encryption to secure the error messages.
• D. Increase the frequency of automated server backups.

Correct answer: B

Explanation

The correct answer is B because detailed error messages can provide attackers with valuable information about the server's architecture and vulnerabilities. Options A and D are incorrect as they do not address the security risk presented by revealing sensitive information. Option C is not relevant because encryption does not prevent error messages from being displayed; it only protects data in transit.