Q. Point out the correct statement.

View solution

Q. Dynamic SQL Statements in SQL Server can be easily built using ________________

View solution

Q. Which of the following is a calling syntax for sp_executesql?

View solution

Q. Point out the wrong statement.

View solution

Q. The Dynamic SQL Queries in a variable are __________ until they are executed.

View solution

Q. The basic syntax for using EXECUTE command is ___________

View solution

Q. Which of the following is a disadvantage of dynamic SQL?

View solution

Q. Which of the stored procedure used for dynamic SQL is prone to attacks?

View solution

Q. SQL injection is an attack in which _________ code is inserted into strings that are later passed to an instance of SQL Server.

View solution

Q. Point out the correct statement.

View solution

Q. Which of the following script is example of SQL injection attack?

View solution

Q. Any user-controlled parameter that gets processed by the application includes vulnerabilities like ___________

View solution

Q. Point out the wrong statement.

View solution

Q. Which of the stored procedure is used to test the SQL injection attack?

View solution

Q. If xp_cmdshell has been disabled with sp_dropextendedproc, we can simply inject the following code?

View solution

Q. Which of the following code can enable xp_cmdshell?

View solution

Q. Which of the following script is an example of Quick detection in the SQL injection attack?

View solution

Q. _______________ is time based SQL injection attack.

View solution