Interested to Buy Any Domain ? << Click Here >> for more details...
1.Describe way(s) to tune the SQL table in order to
optimize performance.
2. Explain SQL Injection and how can you prevent them?
- 1 Answers
- 4563 Views
- Techno Solutions, I also Faced
- E-Mail Answers
Answer Posted / jerry joseph
1. identify and create optimal indexes for your tables
every table should have at least a clustered index
Indexes should be considered on all columns that are
frequently accessed by the WHERE, ORDER BY, GROUP BY, TOP,
and DISTINCT clauses
Static tables can be more heavily indexed that dynamic tables
2. An SQL Injection attack is a form of attack that comes
from user input that has not been checked to see that it is
valid. The objective is to fool the database system into
running malicious code that will reveal sensitive
information or otherwise compromise the server.
Example:
StrSQL = "SELECT * from Users WHERE username = '" +
txtUserName.Text + "' AND password = '" + txtPassword.Text +
"'";
if txtUserName is entered as "admin' OR 1 = 1;--" the query
becomes
"SELECT * from Users WHERE username = 'admin' OR 1 = 1;--'
AND password = '" + txtPassword.Text + "'"
user logs in as admin
Prevention :
Use Parameterized Queries or Stored Procedures to prevent
SQL Injection.
| Is This Answer Correct ? | 0 Yes | 0 No |
Post New Answer View All Answers
What is msdb database? : SQL Server Architecture
What is an entity-relationship diagram (erd)?
Explain raiserror in sql server?
What is the difference between dbcc indexdefrag and dbcc reindex?
What is filter index?
what is a self join? Explain it with an example? : Sql server database administration
What are data files?
How connect excel to sql server?
How do I save a stored procedure in sql server?
Explain time data type in sal server 2008?
What purpose does the model database server?
how to do partition in sqlserver
Why do we need normalization?
Does union all remove duplicates?
What is cdc in sql server?
