See the Exhibit: 

Which three statements are appropriate for protecting the code in the procedure from SQL injection? (Choose three.) 

Answer options:

A. Explicitly validate the identifier length limit
B. Add AUTHID DEFINER to the definition of the procedure
C. Use PRAGMA RESTRICT_REFERENCES in the procedure
D. Filter out control characters in user-supplied identifier names
E. Use the object ID of the table from the data dictionary to build the trigger name

ADE