CompTIA CySA+ CS0-003 Practice Question
When reviewing the source code of a web application, you come across a function that interacts directly with the database using user-supplied input without proper sanitization. Which of the following practices is the BEST to recommend to the development team to mitigate the risk associated with this kind of vulnerability?
Client-side input validation
Encrypting user input before including it in database queries
Use parameterized queries for database access
Employ input length restrictions for all user-supplied input fields