Question 22 of 44 from exam CAS-004: CompTIA CASP+
Question
A security analyst discovered that the company's WAF was not properly configured.
The main web server was breached, and the following payload was found in one of the malicious requests:
![<!DOCTYPE doc [
<!ELEMENT doc ANY>
<ENTITY xxe SYSTEM “file:///etc/password”>]>
<doc>&xxe;</doc>](https://eaeastus2.blob.core.windows.net/optimizedimages/assets/media/exam-media/04092/0001500001.png)
Which of the following would BEST mitigate this vulnerability?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://hdivsecurity.com/owasp-xml-external-entities-xxe![Example #1: The attacker attempts to extract data from the server
<2xml version="1.0" encoding
<ELEMENT foo ANY >
<IENTITY xxe SYSTEM “file: ///etc/passud” >]> <foo>&xxe; </foo>
IS0-8859-1"?> <IDOCTYPE foo [
Example #2: An attacker probes the server's private network by changing the above ENTITY line
to
<HENTITY xxe SYSTEM “https: //192.168.1.1/private” >]>](https://eaeastus2.blob.core.windows.net/optimizedimages/assets/media/exam-media/04092/0001600001.png)
