A company's website is experiencing frequent SQL injection attacks. How would you advise the development team to mitigate this security risk?
- Implement input validation and sanitization
- Regularly update and patch the web server and database management system (DBMS)
- Use parameterized queries
- Utilize a web application firewall (WAF)
Input validation and sanitization check and clean user input to prevent SQL injection attacks. Parameterized queries separate SQL code from user input, reducing the risk of SQL injection. Regularly updating and patching the web server and DBMS closes known vulnerabilities that attackers exploit. A WAF can detect and block SQL injection attacks, but it's not as effective as input validation and sanitization.