1. Describe way(s) to tune the SQL table in order to optimize performance.

2. Explain SQL Injection and how you can prevent it.




Answer / jerry joseph

1. Identify and create optimal indexes for your tables.

Every table should have at least a clustered index.

Indexes should be considered on all columns that are
frequently accessed by the WHERE, ORDER BY, GROUP BY, TOP,
and DISTINCT clauses.

Static tables can be more heavily indexed than dynamic tables.

2. An SQL Injection attack is a form of attack that comes
from user input that has not been checked to see that it is
valid. The objective is to fool the database system into
running malicious code that will reveal sensitive
information or otherwise compromise the server.

Example:

StrSQL = "SELECT * from Users WHERE username = '" + txtUserName.Text + "' AND password = '" + txtPassword.Text + "'";

If txtUserName is entered as "admin' OR 1 = 1;--", the query
becomes

"SELECT * from Users WHERE username = 'admin' OR 1 = 1;--' AND password = '" + txtPassword.Text + "'"

and the user logs in as admin.

Prevention:
Use Parameterized Queries or Stored Procedures to prevent
SQL Injection.
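
The contrast described in the answer above, as an added example that is not part of the original answer: the concatenated query beside a parameterized one, run against the same input. It assumes Python's sqlite3 as a stand-in for SQL Server; the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data. Plaintext passwords only mirror the
    # answer's query; they are not a storage recommendation.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?)",
        [("admin", "s3cret-admin"), ("o'brien", "s3cret-ob")],
    )
    return conn


def login_concatenated(conn, username, password):
    """Vulnerable form from the answer: input is pasted into the SQL text."""
    sql = ("SELECT username FROM Users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Hardened form: the SQL text is fixed and input is bound as data."""
    sql = "SELECT username FROM Users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


def demo():
    conn = make_db()
    payload = "admin' OR 1 = 1;--"  # the input quoted in the answer
    results = {
        "concat_payload": login_concatenated(conn, payload, "wrong"),
        "param_payload": login_parameterized(conn, payload, "wrong"),
        "param_valid": login_parameterized(conn, "admin", "s3cret-admin"),
        "param_quote": login_parameterized(conn, "o'brien", "s3cret-ob"),
    }
    try:  # a legitimate apostrophe breaks the concatenated statement
        login_concatenated(conn, "o'brien", "s3cret-ob")
        results["concat_quote"] = "ok"
    except sqlite3.OperationalError:
        results["concat_quote"] = "syntax error"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The same bound-parameter approach applies to stored procedures only when the procedure itself does not build SQL text from its arguments.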
