Home › Software Testing › Software Testing › advanced_security_performance › SQL injection is BEST mitigated by
SQL injection is BEST mitigated by
ALogging the SQL query before execution
BSwitching to NoSQL databases entirely
CParameterised queries or prepared statements
DRemoving all spaces from user inputs
Answer & Solution
Correct answer: C. Parameterised queries or prepared statements
Parameterised queries treat user input as data, not code. Stored procedures, ORMs and allow-listing also help. NoSQL has its own injection patterns; removing spaces breaks legitimate input and does not stop injection.
Related questions
Test coverage is BEST described asContinuous Testing in DevOps meansIn the V model of SDLC, system testing corresponds to'Test data' management addressesIn ISTQB terminology, a 'test oracle' isAcceptance Test Driven Development (ATDD) emphasisesTest Driven Development uses the rhythm ofRecovery testing simulates