EC-Council
312-50V7 · Question #59
312-50V7 Question #59: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V7 to reveal the answer and full explanation for question #59. The question stem and answer options stay visible for context.
Question
Consider the following code: text=<script>alert(document.cookie)</script> If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site. What is the countermeasure against XSS scripting?
Options
- ACreate an IP access list and restrict connections based on port number
- BReplace "<" and ">" characters with "& l t;" and "& g t;" using server scripts
- CDisable Javascript in IE and Firefox browsers
- DConnect to the server using HTTPS protocol instead of HTTP
Unlock 312-50V7 to see the answer
You've previewed enough free 312-50V7 questions. Unlock 312-50V7 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.