1.Describe way(s) to tune the SQL table in order to optimize performance. 2

Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

1.Describe way(s) to tune the SQL table in order to
optimize performance.

2. Explain SQL Injection and how can you prevent them?

Question Posted / raghu_113

1 Answers
4625 Views
Techno Solutions, I also Faced
E-Mail Answers

1.Describe way(s) to tune the SQL table in order to optimize performance. 2. Explain SQL Inject..

Answer / jerry joseph

1. identify and create optimal indexes for your tables

every table should have at least a clustered index

Indexes should be considered on all columns that are
frequently accessed by the WHERE, ORDER BY, GROUP BY, TOP,
and DISTINCT clauses

Static tables can be more heavily indexed that dynamic tables

2. An SQL Injection attack is a form of attack that comes
from user input that has not been checked to see that it is
valid. The objective is to fool the database system into
running malicious code that will reveal sensitive
information or otherwise compromise the server.

Example:
StrSQL = "SELECT * from Users WHERE username = '" +
txtUserName.Text + "' AND password = '" + txtPassword.Text +
"'";
if txtUserName is entered as "admin' OR 1 = 1;--" the query
becomes
"SELECT * from Users WHERE username = 'admin' OR 1 = 1;--'
AND password = '" + txtPassword.Text + "'"
user logs in as admin

Prevention :
Use Parameterized Queries or Stored Procedures to prevent
SQL Injection.

Is This Answer Correct ?

0 Yes

0 No

Post New Answer

More SQL Server Interview Questions

How can I know what locks are running on which resource?

How to insert data with null values?

What are magic tables in sql server?

Can we add an identity column to decimal datatype?

Can we insert data into a view?

How to encrypt Strored Procedure in SQL SERVER?

About Indexed Views? with example? plz reply...

after migrating the dts packg to ssis by using migrtn wizrd in 2005. iam not able to open ssis pack and getting error. what r those errors? how to resolve?

0 Answers Verizon,

What are scalar functions?

There is a trigger defined for INSERT operations on a table, in an OLTP system. The trigger is written to instantiate a COM object and pass the newly insterted rows to it for some custom processing. What do you think of this implementation? Can this be implemented better?

Explain the use of containers in ssis?

Explain Capacity planning to create a database? and how to monitor it?

For more SQL Server Interview Questions Click Here

Categories

Oracle (3253)
SQL Server (4518)
MS Access (429)
MySQL (1402)
Postgre (483)
Sybase (267)
DB Architecture (141)
DB Administration (291)
DB Development (113)
SQL PLSQL (3330)
MongoDB (502)
IBM Informix (50)
Neo4j (82)
InfluxDB (0)
Apache CouchDB (44)
Firebird (5)
Database Management (1411)
Databases AllOther (288)