78.5k views
3 votes
Using TLS to protect application traffic helps satisfy which of the OWASP 2016-best practices?

A,Parameterize queries
B.Encode data
C.Validate all inputs
D.Protect data

1 Answer

6 votes

Final answer:

Using TLS secures application traffic and aligns with the OWASP 2016 best practice of 'Protect Data' by encrypting data and maintaining its confidentiality and integrity during transmission.

Step-by-step explanation:

Using TLS (Transport Layer Security) to protect application traffic helps satisfy the OWASP (Open Web Application Security Project) 2016 best practices, specifically relating to the category of 'Protect Data'. TLS provides a secured communication channel between client and server, aiming to ensure that sensitive data is transmitted securely over the internet by encrypting the data in transit. This practice directly addresses concerns of data breaches, eavesdropping, and man-in-the-middle attacks, which could compromise data integrity and confidentiality. By using TLS, an application ensures that data such as passwords, credit card numbers, or personal information is protected against unauthorized access.



While TLS does not parameterize queries, which is related to preventing SQL injection, encode data, or validate all inputs, which are associated with preventing XSS (Cross-site Scripting) and other forms of input-based vulnerabilities, it plays a crucial role in safeguarding data as it traverses networks. By encrypting the communication, TLS aligns with the OWASP best practices in preserving the privacy and integrity of data, conforming to the principle of protecting users' sensitive information.

User George McKibbin
by
8.5k points