PrepAway - Latest Free Exam Questions & Answers

An effective way of protecting applications against Structured Query Language (SQL) injection vulnerability is

An effective way of protecting applications against Structured Query Language (SQL) injection
vulnerability is to:

A. validate and sanitize client side inputs.

B. harden the database listener component.

C. normalize the database schema to the third normal form.

D. ensure that the security patches are updated on operating systems.

Explanation:

A SQL injection vulnerability arises when crafted or malformed user inputs are substituted directly
into SQL queries, resulting in information leakage. Hardening the database listener does enhance
the security of the database; however, it is unrelated to the SQL injection vulnerability.
Normalization is related to the effectiveness and efficiency of the database but not to the SQL
injection vulnerability. SQL injections may also be observed in normalized databases. The SQL
injection vulnerability exploits the SQL query design, not the operating system.

