ISC2 CISSP Exam - Topic 5 Question 18 Discussion

Actual exam question for ISC2's CISSP exam
Question #: 18
Topic #: 5

Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?

Suggested Answer: D

Cathrine
4 months ago
I agree with D, but can we really trust stored procedures alone?
upvoted 0 times
...
Mitsue
4 months ago
I thought HTML restrictions were enough, but I guess not!
upvoted 0 times
...
Stephanie
4 months ago
Wait, isn't B just a typo? What’s "Ratfrict"?
upvoted 0 times
...
Gracia
4 months ago
A is important too, but not the best option.
upvoted 0 times
...
Alfred
5 months ago
Definitely D, stored procedures are the way to go!
upvoted 0 times
...
Gennie
5 months ago
I vaguely recall something about restricting HTML source code, but it doesn't seem directly related to SQL injection. I wonder if that's a red herring.
upvoted 0 times
...
Hui
5 months ago
I'm not entirely sure, but I feel like boundary checking might help too. It seems like a good practice for input validation.
upvoted 0 times
...
Stevie
5 months ago
I remember we discussed SQL injection in class, and I think using stored procedures was emphasized as a strong defense.
upvoted 0 times
...
Luther
5 months ago
I think we had a practice question about this, and the answer was related to stored procedures. But I'm a bit confused about the other options.
upvoted 0 times
...
Jaleesa
5 months ago
This is a tricky one. I think I'll need to review the details of each load balancing method to decide which one is most effective in this scenario.
upvoted 0 times
...
Dyan
5 months ago
I'm a little confused by the wording of this question. Is it asking about the configuration settings that determine which knowledge bases are searched, or the actual knowledge bases themselves? I'll have to read it over a few times to make sure I understand what they're really asking.
upvoted 0 times
...
Trinidad
5 months ago
I think the answer might be C, DLP for data in use, since it deals with how data is actively manipulated in applications.
upvoted 0 times
...