Question

Sharon is responsible for the security on web applications. She’s looking to see if all applications have input validation. What is the best way to implement validation?

Answer 1

Answer:

Options Include:

A) Server-side validation

B) Client-side validation

C) Validate in trust

D) Client-side and server-side validation

Client-side and server-side validation is Correct

Explanation:

The best option is to validate the client side with the server side. Using these together would provide the best testing option for Sharon.

This keeps user feedback instantly without wasting postbacks while also protecting against JavaScript disabled users. That's how the validation controls for ASP.NET operate.

This is definitely not over-engineering as there are risks of using one without the other.

Individual validation on the server side and individual validation on the client side are both incorrect. Trust validation is not a form of validation.