Which of the following is not recommended to secure web applications against authenticated users?
a) Running the application with least privileges
b) Client-side data validation
c) Filtering data with a default deny regular expression
d) Using parameterized queries to access a database