What is the BEST control to address SQL injection vulnerabilities?

CISA V2 0 Comments

What is the BEST control to address SQL injection vulnerabilities?
A . Unicode translation
B . Secure Sockets Layer (SSL) encryption
C . Input validation
D . Digital signatures

Answer: C

Explanation:

Input validation is the best control to address SQL injection vulnerabilities, because it can prevent malicious users from entering SQL commands or statements into input fields that are intended for data entry, such as usernames or passwords. SQL injection is a technique that exploits a security vulnerability in an application’s software by inserting SQL code into a query string that can execute commands on a database server. Unicode translation, SSL encryption, and digital signatures are not effective controls against SQL injection, because they do not prevent or detect SQL code injection into input fields.

References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.2

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF     CISA Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments