A software vendor has had several zero-day attacks against its software, due to previously
unknown security defects being exploited by attackers. The attackers have been able to perform
operations at the same security level as the trusted application. The vendor product management
team has decided to re-design the application with security as a priority. Which of the following is a
design principle that should be used to BEST prevent these types of attacks?
A.
Application sandboxing
B.
Input validation
C.
Penetration testing
D.
Code reviews