nerdexam
EC-Council

312-50V9 · Question #239

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

The correct answer is A. Validate and escape all information sent to a server. Contextual output encoding/escaping could be used as the primary defense mechanism to stop Cross-site Scripting (XSS) attacks. https://en.wikipedia.org/wiki/Cross- site_scripting#Contextual_output_encoding.2Fescaping_of_string_input

Hacking Web Applications

Question

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

Options

  • AValidate and escape all information sent to a server
  • BUse security policies and procedures to define and implement proper security settings
  • CVerify access right before allowing access to protected information and UI controls
  • DUse digital certificates to authenticate a server prior to sending data

How the community answered

(48 responses)
  • A
    90% (43)
  • B
    2% (1)
  • C
    2% (1)
  • D
    6% (3)

Explanation

Contextual output encoding/escaping could be used as the primary defense mechanism to stop Cross-site Scripting (XSS) attacks. https://en.wikipedia.org/wiki/Cross- site_scripting#Contextual_output_encoding.2Fescaping_of_string_input

Topics

#XSS prevention#input validation#output encoding#secure coding

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice