While reviewing an online store’s customer feedback section, you notice that malicious code can be placed in comments so end users see it in their web clients. Which measure helps prevent these harmful scripts from executing?
Process and escape content from users so suspicious tags cannot be rendered
Track all submitted user feedback in event logs for a quick overview of potential hazards
Adopt a layered approach by placing user comments on an isolated subsystem
Use an external firewall that reviews packets traversing the network perimeter
Processing and escaping user-supplied content closes the opportunity for harmful scripts to be rendered in a client’s browser. Analyzing logs is beneficial for investigations but does not prevent unwanted scripts, a segmented network is unrelated to sanitizing the data path, and firewall inspection alone is not enough to remove suspicious code from user-submitted text.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'processing and escaping user input' mean?
Open an interactive chat with Bash
What is a cross-site scripting (XSS) attack?
Open an interactive chat with Bash
Why is logging user activity not enough to stop malicious code?