ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
While reviewing misuse cases for a microservice that ingests customer-supplied XML, you document the threat "attacker submits deeply nested entities to crash the server." Which security requirement would most effectively mitigate this abuse case?
The service must reject any XML payload larger than 5 MB.
All API traffic must be protected with TLS 1.2 or higher.
The system must log every XML parsing error with timestamp and client IP.
The XML parser must disable external entity resolution and limit entity expansion depth.
The described threat is an entity expansion attack, the classic "billion laughs" XML bomb: a document of a few hundred bytes declares entities that reference each other in nested layers, so that expanding a single reference in the body consumes memory and CPU exponentially and denies service. It is closely related to XML External Entity (XXE) injection, in which the parser resolves an entity's SYSTEM identifier and reads local files or makes outbound requests, which is why the two parser controls are normally specified together. The primary preventive control is to configure the XML parser so it never resolves external entities (including an external DTD subset) and strictly limits, or completely disables, entity expansion, both by nesting depth and by total expanded size; where the application never needs a DTD, the simplest form of the requirement is to reject any document that declares one. Doing so eliminates the attack vector before the payload is interpreted. Restricting request size alone does not help, because a payload well under 1 KB can still expand to gigabytes in memory. Requiring TLS protects data in transit but does nothing about parser behavior. Logging parsing errors is useful for detection and forensics, yet it does not block the attack. Therefore, disabling external entity resolution and limiting expansion depth is the most direct and effective requirement.
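The requirement above, enforced in code, as an added example that is not part of the original question or its explanation. It uses Python's standard-library expat binding (xml.parsers.expat) and checks each entity at declaration time, before the parser expands anything: external entities are refused outright, and internal entities are costed by nesting depth and fully expanded size against illustrative limits. The limit values, the helper names (HardenedParser, ingest, billion_laughs) and all sample payloads are constructed for this example; refusing forward entity references is a design choice of the example, not an XML rule.

```python
"""Added example: enforce 'no external entities, capped entity expansion'
with Python's standard-library expat binding. Limits and payloads are
illustrative and constructed here, not taken from any standard or product."""
import re
import xml.parsers.expat as expat

# Illustrative limits (assumptions for this example).
MAX_EXPANSION_DEPTH = 3       # levels of entity-inside-entity nesting allowed
MAX_EXPANDED_CHARS = 10_000   # fully expanded size allowed for one entity

# Matches a general entity reference such as &lol1; inside a replacement text.
ENTITY_REF = re.compile(r"&([A-Za-z_][\w.\-]*);")
PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}


class UnsafeXML(ValueError):
    """The payload violates the parser-hardening requirement."""


class HardenedParser:
    """Collects (tag, text) pairs while refusing external entities and XML bombs."""

    def __init__(self):
        self._depth = {}     # entity name -> nesting depth of its expansion
        self._size = {}      # entity name -> fully expanded size in characters
        self._buffers = []   # stack of character buffers, one per open element
        self.elements = []   # (tag, text) in end-of-element order
        p = expat.ParserCreate()
        # Never parse the external DTD subset or parameter entities.
        p.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
        p.EntityDeclHandler = self._on_entity_decl
        p.ExternalEntityRefHandler = self._on_external_ref
        p.StartElementHandler = self._on_start
        p.EndElementHandler = self._on_end
        p.CharacterDataHandler = self._on_chars
        self._p = p

    # Called once per <!ENTITY ...> declaration, before anything is expanded.
    def _on_entity_decl(self, name, is_param, value, base, system_id,
                        public_id, notation):
        if system_id is not None or public_id is not None:
            raise UnsafeXML(f"external entity {name!r} -> {system_id!r} is not allowed")
        if is_param:
            raise UnsafeXML(f"parameter entity {name!r} is not allowed")
        # Cost the internal entity from entities already declared: depth is one
        # more than the deepest referenced entity; size is literal text plus the
        # expanded size of every reference.
        depth, size, pos = 1, 0, 0
        for m in ENTITY_REF.finditer(value):
            size += m.start() - pos
            pos = m.end()
            ref = m.group(1)
            if ref in PREDEFINED:
                size += 1
                continue
            if ref not in self._size:
                # Forward references are legal XML but defeat up-front costing;
                # this example refuses them (a design choice, not a spec rule).
                raise UnsafeXML(f"entity {name!r} references undeclared entity {ref!r}")
            depth = max(depth, self._depth[ref] + 1)
            size += self._size[ref]
        size += len(value) - pos
        if depth > MAX_EXPANSION_DEPTH:
            raise UnsafeXML(f"entity {name!r} nests {depth} levels deep "
                            f"(limit {MAX_EXPANSION_DEPTH})")
        if size > MAX_EXPANDED_CHARS:
            raise UnsafeXML(f"entity {name!r} expands to {size} characters "
                            f"(limit {MAX_EXPANDED_CHARS})")
        self._depth[name] = depth
        self._size[name] = size

    # Reached only if an external reference slipped past the declaration check.
    def _on_external_ref(self, context, base, system_id, public_id):
        raise UnsafeXML(f"refusing to resolve external entity {system_id!r}")

    def _on_start(self, tag, attrs):
        self._buffers.append([])

    def _on_chars(self, data):
        if self._buffers:
            self._buffers[-1].append(data)

    def _on_end(self, tag):
        self.elements.append((tag, "".join(self._buffers.pop()).strip()))

    def parse(self, data: bytes):
        self._p.Parse(data, True)   # exceptions raised in handlers propagate here
        return self.elements


def ingest(data: bytes):
    """Return (elements, None) when accepted or (None, reason) when rejected."""
    try:
        return HardenedParser().parse(data), None
    except UnsafeXML as exc:
        return None, str(exc)


# Constructed sample inputs.
BENIGN = (b'<?xml version="1.0"?>\n<!DOCTYPE order [ <!ENTITY co "Example Corp"> ]>\n'
          b'<order><customer>&co;</customer><qty>3</qty></order>')
XXE = (b'<?xml version="1.0"?>\n<!DOCTYPE d [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>\n'
       b'<d>&xxe;</d>')
# Shallow but wide: about 1 KB declared, 20,000 characters expanded (size cap).
WIDE = (b'<?xml version="1.0"?>\n<!DOCTYPE d [\n<!ENTITY a "' + b"x" * 1000 + b'">\n'
        b'<!ENTITY b "' + b"&a;" * 20 + b'">\n]>\n<d>&b;</d>')


def billion_laughs(levels=9, fanout=10):
    """Build the classic XML bomb: under 1 KB on the wire, 3 * fanout**levels
    characters (about 3 GB with the defaults) if fully expanded."""
    decls = ['<!ENTITY lol "lol">']
    for i in range(1, levels + 1):
        refs = f"&{'lol' if i == 1 else f'lol{i - 1}'};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    dtd = "\n".join(decls)
    return (f'<?xml version="1.0"?>\n<!DOCTYPE lolz [\n{dtd}\n]>\n'
            f'<lolz>&lol{levels};</lolz>').encode()


if __name__ == "__main__":
    for label, payload in [("benign", BENIGN), ("xxe", XXE),
                           ("wide", WIDE), ("bomb", billion_laughs())]:
        elements, reason = ingest(payload)
        print(f"{label:7} {len(payload):5} bytes ->",
              elements if reason is None else f"REJECTED: {reason}")
```

Running the block shows the point the explanation makes about option one: the bomb payload is under 1 KB, so a 5 MB request cap would wave it through, yet it is refused at the `lol3` declaration because nesting depth reaches four; the wide payload is refused on expanded size at depth two; the XXE payload is refused at declaration without any file access; the benign order with one internal entity parses normally.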
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements