A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application,
Posted: Sat Jul 23, 2022 7:39 pm
A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a link that takes them to the application login page but then redirects to a fake login page after successful authentication.
Which of the following will remediate this software vulnerability?
A. Enforce unique session IDs for the application.
B. Deploy a WAF in front of the web application.
C. Check for and enforce the proper domain for the redirect. Most Voted
D. Use a parameterized query to check the credentials.
E. Implement email filtering with anti-phishing protection. Most Voted
Which of the following will remediate this software vulnerability?
A. Enforce unique session IDs for the application.
B. Deploy a WAF in front of the web application.
C. Check for and enforce the proper domain for the redirect. Most Voted
D. Use a parameterized query to check the credentials.
E. Implement email filtering with anti-phishing protection. Most Voted