A systems administrator configures a new application. The next day a security analyst reviews the logs and identifies multiple accounts that had been created overnight with administrative privileges and connections from different countries. Which of the following solutions would have prevented this incident?

Rationale

Changing the default credentials would have prevented unauthorized administrative access to the application.

The creation of multiple administrator accounts and connections from different countries strongly suggests that attackers gained unauthorized access to the newly configured application. One of the most common causes of this type of compromise is the use of default credentials, which are widely known and frequently targeted by attackers. Replacing default usernames and passwords with strong, unique credentials is a critical security best practice that helps prevent unauthorized access.

A (Applying input validation) YOUR ANSWER

Input validation helps ensure that users enter properly formatted and safe data into an application. It is primarily used to prevent attacks such as SQL injection, command injection, and cross-site scripting (XSS). Although important for application security, it would not directly prevent attackers from logging in with default administrative credentials.

B (Changing the default credentials) CORRECT

— Correct Answer
Many applications and devices are deployed with default usernames and passwords that are publicly known or easily guessed. If these credentials are not changed, attackers can use them to gain administrative access, create additional privileged accounts, and compromise the system. Changing default credentials immediately after installation is a fundamental security control.

C (Installing a honeynet) YOUR ANSWER

A honeynet is a decoy environment designed to attract and study attackers. While it can assist with threat intelligence and monitoring malicious activity, it does not prevent unauthorized access to production systems.

D (Deploying a WAF) YOUR ANSWER

A Web Application Firewall (WAF) helps protect web applications from attacks such as SQL injection, cross-site scripting, and other web-based threats. However, a WAF would not typically prevent attackers from accessing an application using valid default administrative credentials.

Conclusion

The most effective way to prevent this incident would have been to change the application’s default credentials during initial configuration. Strong authentication practices are essential for preventing unauthorized administrative access and protecting systems from compromise.

Changing the default credentials would have prevented unauthorized administrative access to the application.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test