While reviewing logs, you find malicious references inserted into your organization’s XML configuration that cause the parser to reveal sensitive file paths. Which measure corrects this issue while still retaining valid user-defined elements?
Move the configuration file into a protected directory
Clear custom tags introduced by users
Transform the configuration into a different format
Restrict outside lookups in the parser and remove unsafe input from any user additions
Filtering out harmful user entries and disabling outside references in the XML parser stops an attacker from introducing elements that trigger unintended file lookups. This approach preserves legitimate tags and user data without enabling malicious content. Merely placing the file in a protected directory or clearing custom tags does not sanitize rogue entries nor stop external lookups, and converting the format sidesteps the issue rather than fixing it.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are XML parsers and their role in processing XML documents?
Open an interactive chat with Bash
What is 'restricting outside lookups' in an XML parser, and why is it important?
Open an interactive chat with Bash
How does input sanitization work in preventing malicious entries in XML documents?