17.8k views
5 votes
A security architect is reviewing the code for a company's financial website. The architect suggests adding the following HTML element, along with a server-side function, to generate a random number on the page used to initiate a funds transfer:

Which of the following attacks is the security architect attempting to prevent?

A. SQL injection
B. XSRF
C. XSS
D. Clickjacking

1 Answer

5 votes

Final answer:

The security architect is attempting to prevent XSS (Cross-Site Scripting) attack.

Step-by-step explanation:

The security architect is attempting to prevent XSS (Cross-Site Scripting) attack by suggesting the addition of the HTML element and server-side function to generate a random number. XSS attacks involve injecting malicious scripts into a website, which can be used to steal sensitive information or hijack user sessions. By generating a random number on the page, the architect is adding an extra layer of protection to prevent this kind of attack.

User Peminator
by
7.8k points
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.