Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks. What among the following should Wesley avoid from considering?

Last Updated on August 1, 2021 by Admin 1

Wesley is an incident handler in a company named Maddison Tech. One day, he was learning techniques for eradicating the insecure deserialization attacks.

What among the following should Wesley avoid from considering?

  • Deserialization of trusted data must cross a trust boundary
  • Understand the security permissions given to serialization and deserialization
  • Allow serialization for security-sensitive classes
  • Validate untrusted input, which is to be serialized to ensure that serialized data contain only trusted classes
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments