Which of the following does NOT help to protect against session hijacking and fixation
attacks?
A.
Rotate the session id on successful login and logout using session_regenerate_id()
B.
Use SSL and set the $secure cookie parameter to true .
C.
Set the session.use_only_cookies php.ini parameter to 1 .
D.
Protect against XSS vulnerabilities in the application.
E.
Set the session.cookie_lifetime php.ini parameter to 0 .