Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 403

Which two techniques protect against injection attacks? (Choose two.)

Answer options

• A. input validation
• B. trim whitespace
• C. limit text areas to 255 characters
• D. string escaping of user free text and data entry
• E. only use dropdown, checkbox, and radio button fields

Correct answer: A, D

Explanation

Input validation (A) ensures that only properly formatted data is accepted, which helps prevent malicious input. String escaping (D) converts potentially harmful characters into a safe format, mitigating the risk of injection. The other options, while they may improve usability or limit input size, do not directly address the vulnerabilities associated with injection attacks.