CASP+ CAS-003 – Question 268


A recent security assessment revealed a web application may be vulnerable to clickjacking. According to the application developers, a fix may be months away.

Which of the following should a security engineer configure on the web server to help mitigate the issue?

A. File upload size limits
B. HttpOnly cookie field
C. X-Frame-Options header
D. Input validation

Correct Answer: C