CISSP Question #723: Real Exam Question with Answer & Explanation

Sign in or unlock CISSP to reveal the answer and full explanation for question #723. The question stem and answer options stay visible for context.

Submitted by stefanr· Mar 5, 2026Software Development Security

Question

A web-based application known to be susceptible to attacks is now under review by a senior developer. The organization would like to ensure this application Is less susceptible to injection attacks specifically. What strategy will work BEST for the organization's situation?

Options

ADo not store sensitive unencrypted data on the back end.
BWhitelist input and encode or escape output before it is processed for rendering.
CLimit privileged access or hard-coding logon credentials,
DStore sensitive data in a buffer that retains data in operating system (OS) cache or memory.

Unlock CISSP to see the answer

You've previewed enough free CISSP questions. Unlock CISSP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISSP - $49.99 / 30 days Sign in

Topics

#injection attacks#input validation#output encoding#web application security

Full CISSP Practice Browse All CISSP Questions