There would always be input validation FIRST, be it at the client side or server side or both. Input validation also contains error and exception handling.
Excuse me , how security analyst implements input validation... :D its most appropriate to WAF and then set all different settings. Input validation along with Stored procedures can be done by the devs .
if this makes sense, the attack has been detected because the entry point was allowing special characters at the input side which is not been properly validated.
From Darrel Gibson's book, both stored procedures and input validation prevent SQL injection attacks. Does anyone know why input validation is the better answer here?
Because you should validate the input prior to it being forwarded to the stored procedures. Always validate input before processing it; people are stupid and enter the weirdest s**t.
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MagicianRecon
Highly Voted 4 years, 10 months agomcNik
Most Recent 4 years, 3 months agoHeymannicerouter
4 years agoclay09
4 years, 10 months agoMeredith
4 years, 11 months agoNot_My_Name
4 years, 6 months agoComputerguy
3 years, 11 months ago