Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration test, you are evaluating a collection of scripts that includes various procedures to handle different tasks. One of the procedures is meant to sanitize user input for a web application form to prevent injection attacks. The procedure checks the input against a set of conditions before allowing it to be processed by the server. Which of the following is a best practice that the procedure should implement to prevent malicious data from compromising the server?

  • Using parameterized queries with placeholders for user input.

  • Escaping all special characters in the input to ensure they are treated as literal strings.

  • Restricting the length of the input to a maximum number of characters allowed.

  • Hashing the user input before appending it to the server-side script.

This question's topic: CompTIA PenTest+ PT0-002 / Tools and Code Analysis