Prepare for the Ethical Hacking Essentials Test. Study with flashcards and multiple-choice questions, each exam includes hints and explanations. Get ready to ace your certification exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.


Which countermeasure helps defend against LDAP injection attacks?

  1. Use strong passwords

  2. Make the LDAP filter as specific as possible

  3. Implement two-factor authentication

  4. Use session management

The correct answer is: Make the LDAP filter as specific as possible

Using the LDAP filter as specific as possible is an effective countermeasure against LDAP injection attacks because it reduces the attack surface that an attacker can exploit. LDAP (Lightweight Directory Access Protocol) injection is a type of attack where an attacker can manipulate LDAP queries by injecting malicious input, leading to unauthorized access or data retrieval. By crafting a more precise and restrictive filter, the application limits what can be queried. This minimizes the chances of an attacker being able to insert their own malicious LDAP commands or extract unintended data. Therefore, developers should aim to ensure that only the necessary attributes and conditions are included in their LDAP queries. This design principle is known as 'input validation,' which is crucial to secure coding practices. The other options, while they may enhance overall security, do not specifically address the vulnerabilities associated with LDAP injection. Strong passwords, two-factor authentication, and session management relate more to user authentication and session integrity rather than directly preventing injection attacks in LDAP queries.