Select from following answers:- Use parameterized query
- Use Stored procedures and re-validate data in Stored Procedure
- Use regular expression
- Use ORM tools like EF, NHibernate etc.
- All Above
Because a stored procedure that performs string concatenation is highly vulnerable to Sql injection.
Show Correct Answer
Asked In: Many Interviews |
Alert Moderator