🛡️ Free practice test question from: IDOR vulnerability (Security+)

C) It is the most effective solution because it ensures that files are not directly accessible via predictable URLs. By storing files outside the web root and serving them through a secure API that enforces strict authorization checks, the application can verify that the requesting user has the appropriate permissions to access the specific file, effectively preventing unauthorized access regardless of how the filename is manipulated.

A) Rate limiting can help mitigate automated attacks but does not address the root cause of the vulnerability, which is the lack of proper authorization checks.

B) Renaming files with user-specific prefixes makes it slightly harder to guess filenames but does not prevent access if the naming convention is predictable and attackers can still enumerate possible filenames.

D) Encrypting filenames obscures the filenames but does not provide robust security. If the encryption method is compromised or predictable, attackers can still gain access. Additionally, encryption does not replace the need for proper authorization checks.