Last Updated on August 9, 2021 by Admin 3
A security engineer is assisting a developer with input validation, and they are studying the following code block:
The security engineer wants to ensure strong input validation is in place for customer-provided account identifiers. These identifiers are ten-digit numbers. The developer wants to ensure input validation is fast because a large number of people use the system.
Which of the following would be the BEST advice for the security engineer to give to the developer?
- Replace code with Java-based type checks
- Parse input into an array
- Use regular expressions
- Canonicalize input into string objects before validation