header bg

Question:

The best protection against XSS attacks would be which of the following?

A Configure input validation on your systems.
Explaination

The word "best" is usually a tricky one. Configuring server-side procedures to validate what is entered into the input field is by far the greatest protection in this instance. Could vulnerability scans and pen testing alert you to a problem? Sure, but they don't do anything to defend you on their own.