SY0-301 · Question #725
A security administrator develops a web page and limits input into their fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the fol
The correct answer is B. XSS. XSS (Cross-Site Scripting) is the correct answer. XSS attacks occur when an attacker injects malicious scripts into web page content that is then executed by other users' browsers. The two primary defenses described-limiting/validating input and encoding/filtering special charact
Question
A security administrator develops a web page and limits input into their fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?
Options
- ASpoofing
- BXSS
- CFuzzing
- DPharming
How the community answered
(49 responses)- A2% (1)
- B94% (46)
- D4% (2)
Explanation
XSS (Cross-Site Scripting) is the correct answer. XSS attacks occur when an attacker injects malicious scripts into web page content that is then executed by other users' browsers. The two primary defenses described-limiting/validating input and encoding/filtering special characters in output-are the standard countermeasures against XSS. Input validation prevents malicious data from entering the system, and output encoding prevents injected content from being interpreted as executable script by the browser.
Topics
Community Discussion
No community discussion yet for this question.