Given the following code:
Which of the following are the BEST methods to prevent against this type of attack? (Choose two.)
A. Web-application firewall
B. Parameterized queries
C. Output encoding
D. Session tokens
E. Input validation
F. Base64 encoding