Question

You are the IT security manager for a retail merchant organization that is just going online with an e-commerce website. You hired several programmers to craft the code that is the backbone of your new web sales system. However, you are concerned that while the new code functions well, it might not be secure. You begin to review the code, systems design, and services architecture to track down issues and concerns. Which of the following do you hope to find in order to prevent or protect against XSS?

A. Input validation
B. Defensive coding
C. Allowing script input
D. Escaping metacharacters

Answer 1

A. Input validation

Step-by-step explanation:

Based on the information provided within the question it can be said that the best way to protect against XSS would be Input Validation. This is a programming technique of preventing data that is improperly formed from entering the system and maybe causing problems with that system, and is done by coding defensively and escaping metacharacters, thus preventing all script-like input.