CISSP · Question #77
Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
The correct answer is D. Data validation. Data validation is a method used to prevent Structured Query Language (SQL) injection attacks, which are a type of web application attack that exploit the input fields of a web form to inject malicious SQL commands into the underlying database. Data validation involves checking t
Question
Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
Options
- AData compression
- BData classification
- CData warehousing
- DData validation
How the community answered
(29 responses)- A7% (2)
- B3% (1)
- D90% (26)
Explanation
Data validation is a method used to prevent Structured Query Language (SQL) injection attacks, which are a type of web application attack that exploit the input fields of a web form to inject malicious SQL commands into the underlying database. Data validation involves checking the input data for any illegal or unexpected characters, such as quotes, semicolons, or keywords, and rejecting or sanitizing them before passing them to the database.
Topics
Community Discussion
No community discussion yet for this question.