🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional82 / 124
Question 82 of 124

A development team is building a customer-facing web application hosted on cloud IaaS. The application accepts a URL from users and fetches the content of that URL to generate link previews. During a threat modeling review, a security architect warns that an attacker could abuse this feature to make the server retrieve the cloud instance metadata endpoint (e.g., 169.254.169.254) and potentially expose IAM credentials. Which mitigation most directly addresses this specific vulnerability class?

Reviewed for accuracy · Report an issueNext question