Practice Test Question- SQL Injection Safeguards


Veronica is developing a web application that must interact with the database. She would like to safeguard it against SQL injection attacks. Which one of the following controls would best achieve her goal?

A. Inline Queries
B. Stored Procedures
C. Normalizing her database structure
D. Performing data wrangling

Correct Answer: B

Stored procedures are a form of parameterized query in which the query template is stored on the database server, safe from modification, which makes B the correct answer here. Users may only provide parameters to that query, which is executed in a manner that prevents SQL injection attacks.
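The contrast between options A and B, as an added example that is not part of the original question: it assumes MySQL syntax, and the `accounts` table, the procedure names and the sample rows are constructed for illustration. It also shows the one case where a stored procedure does not help, which is when the procedure itself builds SQL text from its parameter.

```sql
-- Constructed sample schema and rows (assumption, not from the page).
CREATE TABLE accounts (
    id       INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(64)  NOT NULL UNIQUE,
    email    VARCHAR(255) NOT NULL
);

INSERT INTO accounts (username, email) VALUES
    ('veronica', 'veronica@example.com'),
    ('sam',      'sam@example.com');

-- Option A, inline query: the application pastes user input into the
-- statement text, so the input is parsed as SQL. Pattern to avoid:
--   "SELECT id, username, email FROM accounts WHERE username = '" + input + "'"

DELIMITER //

-- Option B, stored procedure: the statement text is fixed on the server
-- and p_username is only ever compared as a value.
CREATE PROCEDURE get_account_by_username(IN p_username VARCHAR(64))
BEGIN
    SELECT id, username, email
    FROM accounts
    WHERE username = p_username;
END //

-- Anti-pattern: a procedure that concatenates its parameter into dynamic
-- SQL is an inline query again, just moved onto the database server.
CREATE PROCEDURE get_account_unsafe(IN p_username VARCHAR(64))
BEGIN
    SET @sql = CONCAT(
        'SELECT id, username, email FROM accounts WHERE username = ''',
        p_username, '''');
    PREPARE stmt FROM @sql;
    EXECUTE stmt;
    DEALLOCATE PREPARE stmt;
END //

DELIMITER ;

-- Normal lookup through the safe procedure.
CALL get_account_by_username('veronica');

-- Input containing quote characters is bound as a literal username by the
-- safe procedure; it never becomes part of the statement text.
CALL get_account_by_username('veronica'' OR ''1''=''1');
```

From application code, call the procedure through the driver's parameter binding (for example `CALL get_account_by_username(?)`) rather than by concatenating the argument into the `CALL` string.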
