To prevent SQL injection attacks, web applications should use ___________ statements or parameterized queries.
- Dynamic SQL
- Escaped Input
- Prepared Statements
- Sanitized Input
SQL injection is a type of cyber attack where malicious SQL code is inserted into input fields of a web application, allowing attackers to access and manipulate the database. Using prepared statements or parameterized queries is an effective defense against SQL injection because they allow the database to distinguish between code and data, preventing attackers from executing arbitrary SQL commands. Sanitizing input and using escaped input are also good practices but may not provide as robust protection as prepared statements.