
350-701 Question #36: Real Exam Question with Answer & Explanation

The correct answer is A: Check integer, float, or Boolean string parameters to ensure accurate values.

Submitted by layla.eg · Mar 30, 2026

Question

Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)

Options

  • A. Check integer, float, or Boolean string parameters to ensure accurate values.
  • B. Use prepared statements and parameterized queries.
  • C. Secure the connection between the web and the app tier.
  • D. Write SQL code instead of using object-relational mapping libraries.
  • E. Block SQL code execution in the web application database login.

Explanation

Parameterized queries in ASP.NET, prepared statements in Java, or similar techniques in other languages should be used comprehensively in addition to strict input validation. Each of these techniques performs all required escaping of dangerous characters before the SQL statement is passed to the underlying database system. https://tools.cisco.com/security/center/resources/sql_injection.html
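The two controls from options A and B, shown side by side with a concatenated query. This is an added example, not from the original page or from Cisco; it uses Python's sqlite3 module, and the table, function names and sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def lookup_unsafe(db, owner):
    # 'Before' form: the input is pasted into the SQL text, so a quote
    # character in it changes the structure of the statement.
    sql = "SELECT id, owner FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(sql).fetchall()

def lookup_safe(db, owner):
    # Option B: the statement text is fixed; the driver binds the value
    # separately, so it is only ever compared as data.
    return db.execute("SELECT id, owner FROM accounts WHERE owner = ?",
                      (owner,)).fetchall()

def parse_account_id(raw):
    # Option A: a parameter that must be an integer is checked and converted
    # before use; anything else is rejected rather than cleaned up.
    text = raw.strip()
    if not (text.isascii() and text.isdigit()) or len(text) > 9:
        raise ValueError("account id must be a non-negative integer")
    return int(text)

def lookup_by_id(db, raw_id):
    # Both controls together: validate the type, then bind the value.
    return db.execute("SELECT id, owner FROM accounts WHERE id = ?",
                      (parse_account_id(raw_id),)).fetchall()

if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input for the demo
    print("concatenated :", lookup_unsafe(db, hostile))
    print("parameterized:", lookup_safe(db, hostile))
    print("by id        :", lookup_by_id(db, "2"))
    try:
        lookup_by_id(db, "2 OR 1=1")
    except ValueError as exc:
        print("rejected     :", exc)
```

With the concatenated query the constructed input matches every row; with the bound parameter the same input matches none, and the non-integer id is rejected before any query runs.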

Topics

#SQL injection · #Input validation · #Prepared statements · #Parameterized queries
