True or False: The Web Security Module can prevent non-admin users from adding references to external resources.

The statement is true because the Web Security Module in Sitefinity is designed to enhance security management, including the ability to control what non-admin users can do regarding external resources. By default, the module implements security settings that prevent these users from adding potentially unsafe external references, which could pose security risks such as JavaScript injection or other vulnerabilities.

This feature is crucial for maintaining a secure environment within the Sitefinity CMS and ensuring that only authorized personnel can make changes that could impact the integrity of the site. By restricting non-admin users from adding external resources, the Web Security Module helps safeguard the website's functionality and data against unauthorized access and potential attacks.

The other options are less accurate because the module enforces these restrictions broadly rather than only applying to certain resource types or limited to development mode. The module's security framework is established to maintain consistent protection across various scenarios and user roles within the Sitefinity platform.