Oracle Database: Program with PL/SQL — Question 66

Which two statements describe actions developers can take to make their application less vulnerable to security attacks?

Answer options

• A. Include the AUTHID DEFINER clause in stored program units.
• B. Do not concatenate unchecked user input into dynamically constructed SQL statements.
• C. Switch from using DBMS_SQL to EXECUTE IMMEDIATE.
• D. Include the AUTHID CURRENT_USER clause in stored program units.
• E. Increase the amount of code that is accessible to users by default.

Correct answer: B, D

Explanation

Option B is correct because it emphasizes the necessity of validating user input to prevent SQL injection attacks. Option D is also correct as it ensures that the stored program units execute with the privileges of the current user, which can enhance security. The other options either do not improve security or could potentially increase vulnerability.