During a penetration test, you have identified that an organization's web application is vulnerable to SQL injection attacks. Which of the following recommendations would be most effective in mitigating this risk?
Sanitize user input and utilize parameterized queries
Enforce strong password requirements for all application users
Keep the web server and database server software up to date through regular patch management
Encrypt passwords stored within the application database
Implement multifactor authentication for user logins