A security team is conducting a vulnerability assessment on a web application and discovers that the application is vulnerable to a directory traversal attack. Which of the following is the BEST method to mitigate this vulnerability?
Modify file system permissions to restrict access.
Update the web application framework to the latest version.
Disable directory listings on the server.
Implement input validation to sanitize user-supplied data.
The best method to mitigate a directory traversal attack is to implement input validation. This involves validating user-supplied data to ensure that it does not contain dangerous characters or patterns that would allow attackers to navigate the file system. Although other methods, such as updating the framework or modifying permissions, can contribute to security, input validation directly addresses the root cause of directory traversal vulnerabilities.