Answer-Which of the following is an effective countermeasure against Cross-Site Scripting (XSS) attacks in...

Question

Accepted Answer

Detailed ExplanationCross-Site Scripting XSS is a vulnerability where attackers inject malicious scripts into websites that are executed in the context of the users browser. The primary way to prevent XSS attacks is by implementing input validation to ensure that user-provided data does not contain malicious content and output encoding to neutralize special characters e.g., ,  before displaying them on web pages.    Input validation ensures that data conforms to expected formats e.g., alphanumeric for usernames and blocks inputs containing dangerous characters or scripts.   Output encoding modifies potentially harmful content so that it is treated as data rather than executable code. For example, encoding  as ltscriptgt ensures the browser renders it as text, not as code.   These strategies work in tandem with Content Security Policy CSP headers, which limit where scripts can be loaded from. Additionally, developers should sanitize user inputs using libraries or frameworks designed for XSS prevention. Proper implementation ensures secure user interactions, protects sensitive data, and mitigates XSS threats effectively.   Why Other Options Are Incorrect    Option A Disabling cookies does not address XSS vulnerabilities. Cookies are often unrelated to the attack vector exploited in XSS.   Option C Symmetric key encryption secures data but does not mitigate XSS since it does not handle the injection and execution of malicious scripts.   Option D Restricting file types for uploads only prevents certain file-based exploits, not the injection of scripts into web forms or URLs.   Option E HTTP2 improves performance but has no direct impact on mitigating XSS attacks.

Which of the following is an effective countermeasure

Solution