"SQL injection attacks" have been responsible for many cases of data theft.One of the solutions for preventing these attacks is:
A)Never use double quotes in the query.
B)Never use single quotes in the query.
C)Never add a string to a query that you didn't type yourself.
D)Never add a number to a query that you didn't type yourself.

Question

Quizplus · Accepted Answer

SQL injection attacks occur when an attacker is able to insert malicious SQL code into a query through user input. By never adding a string to a query that you didn't type yourself, you are effectively preventing attackers from exploiting vulnerabilities in the code by injecting their own SQL code. It is still important to use proper input validation and parameterized queries to further protect against SQL injection attacks. Using double quotes or single quotes can still leave you vulnerable to injection attacks if not properly implemented. Adding numbers to a query does not pose the same risk as adding a string, but it is still important to ensure that all input is properly validated.

"SQL Injection Attacks" Have Been Responsible for Many Cases of Data