Sign Up Login


  1. Categories >> Software >> Databases >> SQL Server
  2. Suggest New Category

1.Describe way(s) to tune the SQL table in order to
optimize performance.

2. Explain SQL Injection and how can you prevent them?

Question Posted / raghu_113


1.Describe way(s) to tune the SQL table in order to optimize performance. 2. Explain SQL Inject..

Answer / jerry joseph

1. identify and create optimal indexes for your tables

every table should have at least a clustered index

Indexes should be considered on all columns that are
frequently accessed by the WHERE, ORDER BY, GROUP BY, TOP,
and DISTINCT clauses

Static tables can be more heavily indexed that dynamic tables

2. An SQL Injection attack is a form of attack that comes
from user input that has not been checked to see that it is
valid. The objective is to fool the database system into
running malicious code that will reveal sensitive
information or otherwise compromise the server.

Example:
StrSQL = "SELECT * from Users WHERE username = '" +
txtUserName.Text + "' AND password = '" + txtPassword.Text +
"'";
if txtUserName is entered as "admin' OR 1 = 1;--" the query
becomes
"SELECT * from Users WHERE username = 'admin' OR 1 = 1;--'
AND password = '" + txtPassword.Text + "'"
user logs in as admin

Prevention :
Use Parameterized Queries or Stored Procedures to prevent
SQL Injection.

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More SQL Server Interview Questions

you have couple of stored procedures that depend on a table you dropped the table and recreated it what do you have to do to reestablish those stored procedure dependencies?

0 Answers  

Difference between 2NF &3NF ?

0 Answers   Cap Gemini,

What is DCL?

0 Answers  

Explain datetime2 data type in sal server 2008?

0 Answers  

Explain the various types of concurrency problem. I.e. Lost or buried updates, uncommitted dependency, inconsistent analysis, phantom read?

0 Answers  

What is the difference between upgrade and migration in sql server?

0 Answers  

What do you understand by recursive stored procedure?

0 Answers  

How do you troubleshoot errors in a SQL Server Agent Job?

0 Answers  

What are the indexes in sql server?

0 Answers  

1.Describe way(s) to tune the SQL table in order to optimize performance. 2. Explain SQL Injection and how can you prevent them?

1 Answers   Techno Solutions,

Suppose we have a table "MyTable" containing 10 rows, what query should be executed to update the odd rows "Salary" as 9000?

0 Answers   MCN Solutions,

What is faster join or union?

0 Answers  

For more SQL Server Interview Questions Click Here
Categories