CompTIA Security+ (SY0-701) — Question 70

A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

Answer options

• A. Secure cookies
• B. Version control
• C. Input validation
• D. Code signing

Correct answer: C

Explanation

Input validation is the correct answer because it ensures that any data entered into the web application's form fields is checked for validity and safety, thus preventing cross-site scripting attacks. Secure cookies, version control, and code signing do not directly address the specific vulnerability of cross-site scripting in input fields.