CCSP Question #260: Real Exam Question with Answer & Explanation

Sign in or unlock CCSP to reveal the answer and full explanation for question #260. The question stem and answer options stay visible for context.

Submitted by stefanr· Apr 18, 2026Cloud Application Security

Question

The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application development experts and published approximately every 24 months. The 2013 OWASP Top Ten list includes "cross- site scripting (XSS)." Which of the following is not a method for reducing the risk of XSS attacks?

Options

AUse an auto-escaping template system.
BXML escape all identity assertions.
CSanitize HTML markup with a library designed for the purpose.
DHTML escape JSON values in an HTML context and read the data with JSON.parse.

Unlock CCSP to see the answer

You've previewed enough free CCSP questions. Unlock CCSP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CCSP - $49.99 / 30 days Sign in

Topics

#OWASP Top Ten#Cross-Site Scripting (XSS)#Application Security#Output Encoding

Full CCSP Practice Browse All CCSP Questions