Citrix 1Y0-341 Exam - Topic 7 Question 31 Discussion

Actual exam question for Citrix's 1Y0-341 exam

Question #: 31
Topic #: 7

A review of purchases made at an online retailer shows that several orders were processed for items at an unpublished price.

Which protection can a Citrix Engineer implement to prevent a site visitor from modifying the unit price of a product on the shopping cart page?

ACross-Site Request Forgeries (CSRF)

BForm Field Consistency

CHTML Cross-Site Scripting (XSS)

DHTML SQL Injection

Show Suggested Answer

Suggested Answer: B

by Alease at May 09, 2022, 08:36 AM

Limited Time Offer

25%

Off

Get Premium 1Y0-341 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Yan

4 months ago

SQL Injection isn't relevant to this issue, right?

upvoted 0 times

...

Lyndia

4 months ago

Definitely need to prevent price tampering!

upvoted 0 times

...

Lindsey

4 months ago

Wait, can XSS really affect pricing? Sounds odd.

upvoted 0 times

...

Sue

4 months ago

I think Form Field Consistency is more effective here.

upvoted 0 times

...

Lorriane

5 months ago

CSRF is a common protection method.

upvoted 0 times

...

Lisbeth

5 months ago

I've seen this type of issue before. Replacing the percent sign with two percent signs should do the trick.

upvoted 0 times

...

Jose

5 months ago

Okay, I think the key here is understanding that the perimeter service itself can be a point of failure. I'll need to consider how to protect that service from attacks.

upvoted 0 times

...

Jacklyn

5 months ago

Okay, let me think this through. I know WCF is the recommended connection mode, but I'm not sure about the details on NET remoting. I'll need to review that part carefully.

upvoted 0 times

...

Wilda

5 months ago

Okay, I think I've got it. The higher numbered policy rule, which turns ROP on, takes precedence. So the answer is C, ROP is on for winword.exe.

upvoted 0 times

...