You work as a Security Manager for Tech Perfect Inc. You want to save all the data from the SQL
injection attack, which can read sensitive data from the database and modify database data using
some commands, such as Insert, Update, and Delete. Which of the following tasks will you
perform? Each correct answer represents a complete solution. Choose three.
A.
Apply maximum number of database permissions.
B.
Use an encapsulated library for accessing databases.
C.
Create parameterized stored procedures.
D.
Create parameterized queries by using bound and typed parameters.
Explanation:
The methods of mitigating SQL injection attacks are as follows: 1.Create
parameterized queries by using bound and typed parameters. 2.Create parameterized stored
procedures. 3.Use a encapsulated library in order to access databases. 4.Minimize database
should minimize database permissions.