Which of the following tuning recommendations should the security analyst share?

An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:

[Image: text output; description automatically generated]

Which of the following tuning recommendations should the security analyst share?
A . Set an HttpOnly flag to force communication by HTTPS
B . Block requests without an X-Frame-Options header
C . Configure an Access-Control-Allow-Origin header to authorized domains
D . Disable the cross-origin resource sharing header

Answer: B

Explanation:

The output shows that the web application is vulnerable to clickjacking attacks, which allow an attacker to overlay a hidden frame on top of a legitimate page and trick users into clicking on malicious links. Blocking requests without an X-Frame-Options header can prevent this attack by instructing the browser to not display the page within a frame.

Latest CS0-003 Dumps Valid Version with 128 Q&As
