What is the best practice to mitigate the vulnerabilities from a lack of proper error handling in an application?

What is the best practice to mitigate the vulnerabilities from a lack of proper error handling in an application?

• Use only a minimum set of error messages.
• Use a strong algorithm to encrypt the transmission of error messages.
• Use a well-thought-out scheme to provide meaningful error messages to the users but no useful information to an attacker.
• Use a third-party hosting service to provide coded error messages and transmit them securely to users, software developers, and support staff.

Explanation: Improper error handling is a weakness and security malpractice that can provide information to help an attacker perform additional attacks on the targeted system. A best practice is to handle error messages according to a well-thought-out scheme that provides a meaningful error message to the user, diagnostic information to developers and support staff, and no useful information to an attacker.

Exam with this question: 6.13.3 Quiz - Performing Post-Exploitation Techniques Answers