🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional111 / 129
Question 111 of 129

A developer reviews a customer login endpoint that constructs a database query by concatenating user-supplied username and password strings directly into a SQL statement. Penetration testers demonstrated that entering a crafted username allowed authentication bypass and dumping of the user table. Which remediation most fundamentally eliminates this class of vulnerability?

Reviewed for accuracy · Report an issueNext question