Which two strategies are against SQL injection? (Choose two.)
A. Using parameterized queries with bind arguments
B. Use subprograms that are run with the definer’s right
C. Use RESTRICT_REFERENCE clauses in functions that use dynamic SQLs
D. Validate user inputs to functions that use dynamic SQLs built with concatenated values