header bg

Scan QR code or get instant email to install app


A true statement is which of the following?

A Configuring the web server to send random challenge tokens is the best mitigation for CSRF attacks.

Requests from the bad guy masquerading as your session ID through your browser may be greatly reduced by ensuring that each request contains a challenge token - it's naughty and dropped if the server receives one without a token.

Related Information