A web developer wants to ensure that malicious users can’t type SQL statements when they asked for input, like their username/userid.
Which of the following query optimization techniques would effectively prevent SQL Injection attacks?
A . Indexing.
B . Subset of records.
C . Temporary table in the query set.
D . Parametrization.
Answer: D
Explanation:
The correct answer is D: Parametrization. Parameterized SQL queries allow you to place parameters in an SQL query instead of a constant value. A parameter takes a value only when the query is executed, allowing the query to be reused with different values and purposes. Parameterized SQL statements are available in some analysis clients, and are also available through the Historian SDK. For example, you could create the following conditional SQL query, which contains a parameter for the collector’s name: SELECT* FROM ExamsDigest WHERE coursename=? ORDER BY tagname SQL Injection is best prevented through the use of parameterized queries.
Latest DA0-001 Dumps Valid Version with 180 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund