Which two are major approaches that can be used to reduce the SQL injection by limiting user
input? (Choose two.)
A.
Restrict users accessing specified web page.
B.
Use NUMBER data type if only positive integers are needed.
C.
Use dynamic SQL and construct it through concatenation of input values.
D.
In PL/SQL API, expose only those routines that are intended for customer use.
A, D
http://download.oracle.com/oll/tutorials/SQLInjection/html/lesson2/les02_tm_inputs.htm
D , A