CompTIA CySA+ (CS0-002) — Question 370

A security analyst is generating a list of recommendations for the company's insecure API. Which of the following is the BEST parameter mitigation recommendation?

Answer options

• A. Use TLS for all data exchanges.
• B. Use effective authentication and authorization methods.
• C. Implement parameterized queries.
• D. Validate all incoming data.

Correct answer: D

Explanation

Validating all incoming data is crucial because it helps to prevent malicious input that could exploit vulnerabilities in the API. While using TLS, effective authentication, and parameterized queries are important security practices, they do not specifically address the issue of parameter validation, which is essential for safeguarding against injection attacks.