A small company uses a public cloud service provider to host an online store. The online store uses a web application as the front end and a database as the backend. When a customer places an order in the web form, the request is then sent to the database to check the inventory, current price, and customer information thereby completing the order. The IT manager is learning that threat attackers may launch attacks by injecting malformed data into the web application. What is a security coding technique that the company can use to minimize such attacks?
- input validation
- multi-factor authentication
- encryption
- obfuscation
Explanation & Hint:
User input validation rules can help ensure the security of applications and databases by checking to see if data meets certain rules when entered into a field in a web form. A validation rule checks that data falls within the parameters defined by the database designer. This helps to ensure the completeness, accuracy, and consistency of data. |