Which of the following defines why it is important for a developer to deploy known-good (whitelist) input validation for all requests made to a web service API?

Which of the following defines why it is important for a developer to deploy known-good (whitelist)
input validation for all requests made to a web service API?

Which of the following defines why it is important for a developer to deploy known-good (whitelist)
input validation for all requests made to a web service API?

A.
Known-good validation ensures that all inputs are in an expected format and are valid before
processing them. As requests to the API come over the network, they must be considered
untrusted.

B.
Known-good (whitelist) can be performed much faster than known-bad input validation.

C.
Known-good input validation is the only way to prevent command (SQL) injection attacks and
since web services are typically integrated with a backend SQL database, this checking ensures
the integrity and confidentiality of the database.

D.
Known-good input validation first checks to ensure that incoming requests are being made by a
valid and known client before beginning to process them, so that inputs from attackers are never
processed, thus protecting the web service.

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *