CISA Certified Information Systems Auditor – Question1187

When recommending a preventive control against cross-site scripting in web applications, an information security manager is MOST likely to suggest:

A.
using https in place of http.
B. hardening of the web server’s operating system.
C. consolidating multiple sites into a single portal.
D. coding standards and code review.

Correct Answer: D