CompTIA CySA+ (CS0-002) — Question 107

A security analyst discovers the company’s website is vulnerable to cross-site scripting. Which of the following solutions will BEST remedy the vulnerability?

Answer options

• A. Prepared statements
• B. Server-side input validation
• C. Client-side input encoding
• D. Disabled JavaScript filtering

Correct answer: B

Explanation

The correct answer is B, as server-side input validation effectively checks and sanitizes data before it reaches the client, thus preventing cross-site scripting attacks. While prepared statements and client-side input encoding are useful, they do not provide the same level of protection against this specific vulnerability. Disabling JavaScript filtering would actually increase the risk of such attacks.