The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-si

seenagapeApril 30, 2016

The BEST methods for a web developer to prevent the website application code from being
vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

PrepAway - Latest Free Exam Questions & Answers

A.
Permit redirection to Internet-facing web URLs.

B.
Ensure all HTML tags are enclosed in angle brackets, e.g., ”<” and “>”.

C.
Validate and filter input on the server side and client side.

D.
Use a web proxy to pass website requests between the user and the application.

E.
Restrict and sanitize use of special characters in input and URLs.

Explanation:
XSRF or cross-site request forgery applies to web applications and is an attack that exploits the
web application’s trust of a user who known or is supposed to have been authenticated. This is
often accomplished without the user’s knowledge.
XSRF can be prevented by adding a randomization string (called a nonce) to each URL request
and session establishment and checking the client HTTP request header referrer for spoofing.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

CompTIA Exam Questions

Free CompTIA Study Guide

The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-si

Leave a Reply Cancel reply