Which of the following is an appropriate security control the company should implement?

A company suspects a web server may have been infiltrated by a rival corporation.

The security engineer reviews the web server logs and finds the following:

The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

Which of the following is an appropriate security control the company should implement?
A . Restrict directory permission to read-only access.
B . Use server-side processing to avoid XSS vulnerabilities in path input.
C . Separate the items in the system call to prevent command injection.
D . Parameterize a query in the path variable to prevent SQL injection.

View Answer

Answer: C

Explanation:

The company using the wrong port is the most likely root cause of why secure LDAP is not working. Secure LDAP is a protocol that provides secure communication between clients and servers using LDAP (Lightweight Directory Access Protocol), which is a protocol that allows querying and modifying directory services over TCP/IP. Secure LDAP uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt LDAP traffic and prevent unauthorized disclosure or interception.