CompTIA CySA+ (CS0-001) — Question 241
A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect recommend as the MOST secure and manageable option?
Answer options
- A. Client-side whitelisting
- B. Server-side whitelisting
- C. Server-side blacklisting
- D. Client-side blacklisting
Correct answer: B
Explanation
Server-side whitelisting is the most secure option because it validates input on the server, preventing malicious data from being processed regardless of client-side manipulations. Client-side options, while they can enhance user experience, can be easily bypassed by attackers. Server-side blacklisting is reactive and can be less secure than whitelisting, as it only blocks known threats rather than allowing only safe input.