3.Question 3Fill in the blank: A _____ is a coding technique that executes SQL statements before passing them onto the database.1 pointprepared statementSQL injectionbotnetphishing kit

8.Question 8Which of the following are coding techniques that can be used to prevent SQL injection attacks? Select three answers.1 pointInput validationInput sanitizationPublic key infrastructure (PKI)Prepared statements

What is SQL injection?

Question 1Which of the following countermeasures help developers prevent applications from becoming vulnerable to SQL injection attacks? 1 pointDesign the code such that it traps and handles exceptions appropriately Allow entries that contain binary data, escape sequences, and comment characters Never use a prepared statement to create a parameterized query Construct dynamic SQL with concatenated input values 2.Question 2Which of the following practices helps developers defend against SQL injection attacks? 1 pointAlways construct dynamic SQL with concatenated input values Build Transact-SQL statements directly from user input Never implement multiple layers of validation Test the content of string variables and accept only expected values

1.Question 1You can use MySQL stored procedures and functions to call a code block to perform a specific operation by invoking the identifier name.1 pointTrueFalse2.Question 2Your MySQL database contains a stored procedure called GetProductDetails(). What keyword can you use to invoke this stored procedure in the following statement?1________ GetProductDetails();1 point3.Question 3Which of the following statements is true of MySQL functions? Select all that apply.1 pointA function can only have input parameters.A function can have both input and output parameters.A function can only have output parameters.A function always returns a value.4.Question 4What’s the correct syntax to create a user-defined variable in MySQL?1 pointvar variable_name = value;variable_name = value;@variable_name = value;5.Question 5What does the DETERMINISTIC keyword do in the following syntax?123CREATE FUNCTION function_name()RETURNS datatype DETERMINISTICRETURN1 pointIt makes sure that the function always returns the same result for the same input parameters.It makes sure that the function returns different results for different input parameters.It makes sure that the function returns different results for the same input parameters.6.Question 6What type of parameter is the following syntax an example of?1SET @y_number = 10; 1 pointINOUT parameterOUT parameterIN parameter7.Question 7Which of the following events or SQL operations can MySQL triggers be invoked on? Select all that apply.1 pointINSERTUPDATESELECTDELETECREATE8.Question 8You need to impose a business rule that checks values before they’re added to a table. What type of trigger can you use to implement this rule?1 pointBEFORE UPDATEAFTER INSERTBEFORE INSERTAFTER UPDATE9.Question 9Which of the following options are examples of Scheduled Events that can be created in MySQL? Select all that apply.1 pointUPDATE eventsDELETE eventsRecurring eventsINSERT eventsOne-time events10.Question 10You are creating an event in MySQL using the following syntax. However, MySQL should only create the event if it doesn't already exist in the database. What keyword can you use to complete this syntax?1234CREATE EVENT _______________ event_nameON SCHEDULE schedule_logicDOEvent_body1 point

Question 1Which of the following tools does an attacker use to perform SQL injection exploitation through techniques such as union and blind SQL exploitation and bypass certain IPS/IDS rules with generic filters? 1 pointMoleChina Chopper AstraWeevely2.Question 2sqlmap is a SQL injection tool which automates the process of detecting and exploiting SQL injection flaws and taking over database servers. 1 pointTrueFalse