Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
A . Parameterized queries
B . Session management
C . Input validation
D . Output encoding
E . Data protection
F . Authentication
Answer: A, C
Explanation:
Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/