Identify two strategies against SQL injection. (Choose two.) 

Answer options:

A. Using parameterized queries with bind arguments
B. Use subprograms that are run with the definer`s right
C. Use RESTRICT_REFERENCE clauses in functions that use dynamic SQLs
D. Validate user inputs to functions that use dynamic SQLs built with concatenated values

AD