adplus-dvertising
frame-decoration

Question

Point out the correct statement.

a.

ODBC has the call ExecDirect

b.

Few database systems provide the facilities for running SQL code directly against the database engine

c.

The SQL code is not stored in the source program, but rather it is generated based on user input

d.

None of the mentioned

Posted under SQL Server

Answer: (c).The SQL code is not stored in the source program, but rather it is generated based on user input

Engage with the Community - Add Your Comment

Confused About the Answer? Ask for Details Here.

Know the Explanation? Add it Here.

Q. Point out the correct statement.

Similar Questions

Discover Related MCQs

Q. Dynamic SQL Statements in SQL Server can be easily built using ________________

Q. Which of the following is a calling syntax for sp_executesql?

Q. Point out the wrong statement.

Q. The Dynamic SQL Queries in a variable are __________ until they are executed.

Q. The basic syntax for using EXECUTE command is ___________

Q. Which of the following is a disadvantage of dynamic SQL?

Q. Which of the stored procedure used for dynamic SQL is prone to attacks?

Q. SQL injection is an attack in which _________ code is inserted into strings that are later passed to an instance of SQL Server.

Q. Point out the correct statement.

Q. Which of the following script is example of SQL injection attack?

Q. Any user-controlled parameter that gets processed by the application includes vulnerabilities like ___________

Q. Point out the wrong statement.

Q. Which of the stored procedure is used to test the SQL injection attack?

Q. If xp_cmdshell has been disabled with sp_dropextendedproc, we can simply inject the following code?

Q. Which of the following code can enable xp_cmdshell?

Q. Which of the following script is an example of Quick detection in the SQL injection attack?

Q. _______________ is time based SQL injection attack.