Q: Which of the following is not recommended to secure web applications against authenticated users?
- A. Filtering data with a default deny regular expression
- B. Client-side data validation
- C. Using parameterized queries to access a database
- D. Running the application with least privileges
Answer: B
Explanation:
The correct answer is: Client-side data validation.
While client-side data validation can improve user experience and reduce server load, it is not recommended as the sole security measure for web applications. Since client-side validation can be bypassed (e.g., by manipulating the client-side code), it should not be relied upon to secure the application.
Instead, the following measures are more secure:
- Filtering data with a default deny regular expression: Helps prevent malicious input.
- Using parameterized queries to access a database: Prevents SQL injection attacks.
- Running the application with least privileges: Reduces the potential impact of a security breach.
Server-side validation and secure coding practices are essential for proper security.