Which type of SQL query is in the SQL statement select * from users where user = "admin";?
- static query
- stacked query
- out-of-band query
- parameterized query
Explanation: The best mitigation for SQL injection vulnerabilities is to use immutable queries, including:
- Static queries
- Parameterized queries
- Stored procedures (if they do not generate dynamic SQL)
Immutable queries do not contain data that could be interpreted. Sometimes, they process the data as a single entity bound to a column without interpretation. In this case, it is an example of static queries.
Exam with this question: 6.13.3 Quiz - Performing Post-Exploitation Techniques Answers
Please login or Register to submit your answer