CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA PenTest+ PT0-002 Practice Question

During a penetration testing engagement, your team has identified an application that is vulnerable to command injection due to insufficient input validation. In your final report, what is the most appropriate process-level remediation recommendation to address this specific vulnerability?

  • Recommend the implementation of proper input sanitization and the use of prepared statements or parameterized queries.

  • Suggest increasing the complexity of input validation rules within the application code.

  • Instruct the client to configure the existing Web Application Firewall (WAF) to block command injection attacks.

  • Advise the client to update their application frameworks to the latest versions to avoid command injection.

This question is for objective:
Reporting and Communication
Your Score:
Reporting and Communication
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Tools and Code Analysis
Planning and Scoping