A security architect is reviewing the code for a company’s financial website.
The architect suggests adding the following HTML element, along with a server-side function, to generate a random number on the page used to initiate a funds transfer:
<input type=”hidden” name=”token” value=generateRandomNumber()>
Which of the following attacks is the security architect attempting to prevent?
A . SQL injection
B . XSRF
C . XSS
D . Clickjacking
Answer: B