Which two preventive measures are used to control cross-site scripting? (Choose two.)

350-701 1 Comment

Which two preventive measures are used to control cross-site scripting? (Choose two.)
A . Enable client-side scripts on a per-domain basis.
B . Incorporate contextual output encoding/escaping.
C . Disable cookie inspection in the HTML inspection engine.
D . Run untrusted HTML input through an HTML sanitization engine.
E . SameSite cookie attribute should not be used.

Answer: AB

Latest 350-701 Dumps Valid Version with 327 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 350-701 PDF     350-701 Questions Online Training
Subscribe
Notify of
guest
1 Comment
Inline Feedbacks
View all comments
CCNP_KID
CCNP_KID
2 years ago

B. Incorporate contextual output encoding/escaping.
D. Run untrusted HTML input through an HTML sanitization engine.

https://en.wikipedia.org/wiki/Cross-site_scripting
Preventive measures
-Contextual output encoding/escaping of string input
-Safely validating untrusted HTML input
“Untrusted HTML input must be run through an HTML sanitization engine to ensure that it does not contain XSS code.”
-Cookie security
-Disabling scripts
-Selectively disabling scripts
-Emerging defensive technologies
-SameSite cookie parameter

0
Reply