CompTIA
CAS-003 · Question #746
CAS-003 Question #746: Real Exam Question with Answer & Explanation
Question
A developer has executed code for a website that allows users to search for employees' phone numbers by last name. The query string sent by the browser is as follows: The developer has implemented a well-known JavaScript sanitization library and stored procedures, but a penetration test shows the website is vulnerable to XSS. Which of the following should the developer implement NEXT to prevent XSS? (Choose two.)
Options
- A. Sanitization library
- B. Secure cookies
- C. TLS encryption
- D. Input serialization
- E. Output encoding
- F. PUT form submission