CISSP Software Development Security • Timed 20 Questions
This is a timed practice session. You have 20 minutes to answer 20 questions — approximately 1 minute per question, matching real CISSP exam pace. Answer every question before time expires.
Exam-pace drill
Allow 1 minute per question. On the real CISSP exam you have approximately 72 seconds per question — this session trains you to maintain that pace under pressure.
A security team is reviewing a web application that allows users to search for products. The application uses a SQL database and constructs queries by concatenating user input directly into the SQL statement. Which of the following is the most effective mitigation against SQL injection attacks?