A developer has executed code for a website that allows users to search for employees’ phone numbers by last name. The query string sent by the browser is as follows: http://www.companywebsite.com/search.php?q=SMITH Thedeveloper has implemented a well-known JavaScript sanitization library and stored procedures, but a penetration test shows the website is vulnerable to XSS. Which of the following should the developer implement NEXT to prevent XSS?
(Choose two.)
A. Sanitization library
B. Secure cookies
C. TLS encryption
D. Input serialization
E. Output encoding
F. PUT form submission
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
