Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Advanced Oracle PL/SQL Developer's Guide (Second Edition)

You're reading from   Advanced Oracle PL/SQL Developer's Guide (Second Edition) Master the advanced concepts of PL/SQL for professional-level certification and learn the new capabilities of Oracle Database 12c

Arrow left icon
Product type Paperback
Published in Feb 2016
Publisher
ISBN-13 9781785284809
Length 428 pages
Edition 2nd Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Saurabh K. Gupta Saurabh K. Gupta
Author Profile Icon Saurabh K. Gupta
Saurabh K. Gupta
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Overview of PL/SQL Programming Concepts FREE CHAPTER 2. Oracle 12c SQL and PL/SQL New Features 3. Designing PL/SQL Code 4. Using Collections 5. Using Advanced Interface Methods 6. Virtual Private Database 7. Oracle SecureFiles 8. Tuning the PL/SQL Code 9. Result Cache 10. Analyzing, Profiling, and Tracing PL/SQL Code 11. Safeguarding PL/SQL Code against SQL injection 12. Working with Oracle SQL Developer Index

Practice exercise

  • Which method would you employ to protect the PL/SQL code against SQL injection attacks?
    1. Replace Dynamic SQLs with Static SQLs.
    2. Replace concatenated inputs in Dynamic SQL with bind arguments.
    3. Declare the PL/SQL program to be executed by its invoker's rights.
    4. Remove string type parameters from the procedure.
  • You should use static SQL to avoid SQL injection when all Oracle identifiers are known at the time of code execution.
    1. True.
    2. False.
  • Choose the impact of SQL injection attacks:
    1. Malicious string inputs can extract confidential information.
    2. Unauthorized access can drop a database.
    3. It can insert the ORDER data in to the EMPLOYEES table.
    4. A procedure executed by owners, (SYS) rights can change the password of a user.
  • Pick the correct strategies to fight against SQL injection:
    1. Sanitize the malicious inputs from the application layer with DBMS_ASSERT.
    2. Remove string concatenated inputs from the Oracle subprogram.
    3. Dynamic SQL should be removed from the stage.
    4. Execute a PL/SQL program with...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime