In a database application, a SQL query is responsible for retrieving financial transaction records. You suspect that the query might be prone to SQL injection attacks. What action should you take to verify and secure the query?
- Implement strong encryption
- Restrict access to the database
- Use parameterized queries
- Validate user input
Using parameterized queries is an effective way to prevent SQL injection attacks. Parameterized queries separate SQL code from user input, making it impossible for attackers to inject malicious SQL code into the query. This practice enhances the security of the application by ensuring that all input values are treated as data rather than executable SQL code.
Related Quiz
- A common challenge in authentication testing is ensuring ____________.
- What is the role of access control lists (ACLs) in authorization testing?
- Scenario: You are responsible for implementing continuous integration for database testing in your organization. Which factors should you consider when selecting a CI/CD tool for this purpose?
- Which type of testing focuses on finding errors in the database schema and data consistency?
- What is the primary goal of query optimization during performance testing?