Which two preventive measures are used to control cross-site scripting? (Choose two.)
A. Enable client-side scripts on a per-domain basis.
B. Incorporate contextual output encoding/escaping.
C. Disable cookie inspection in the HTML inspection engine.
D. Run untrusted HTML input through an HTML sanitization engine.
E. SameSite cookie attribute should not be used.
Answer: AB
B. Incorporate contextual output encoding/escaping.
D. Run untrusted HTML input through an HTML sanitization engine.
https://en.wikipedia.org/wiki/Cross-site_scripting
Preventive measures
- Contextual output encoding/escaping of string input
- Safely validating untrusted HTML input
“Untrusted HTML input must be run through an HTML sanitization engine to ensure that it does not contain XSS code.”
- Cookie security
- Disabling scripts
- Selectively disabling scripts
- Emerging defensive technologies
- SameSite cookie parameter