Which of the following is a recommended defense against Cross-Site Request Forgery (CSRF) attacks?
CSRF tokens prevent forged requests.
Why this answer
CSRF tokens are unique per request and verified by the server, making forged requests invalid without the token.