Great Article on Dynamic Sql usage with Sql Server 2005
This is probably the best explanation around on the different dynamic Sql approaches and the performance and benefits of each of them. If you are using Sql Server 2005 basically you should be using sp_executesql due to how it can cache the query plan even with different parameters and it makes your dynamic Sql much cleaner. This is a huge advantage over using EXEC as with EXEC if you use a different parameter it will not use the cached query plan. For further details please see this outstanding article that covers all aspects of dynamic Sql.
http://www.sommarskog.se/dynamic_sql.html