Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk
drives on all servers are fully encrypted. Communication between the application server and end-users is
also encrypted. Network ACLs prevent any connections to the database server except from the
application server. Which of the following can still result in exposure of the sensitive data in the database
server?
A.
SQL Injection
B.
Theft of the physical database server
C.
Cookies
D.
Cross-site scripting
Explanation:
The question discusses a very secure environment with disk and transport level encryption and access
control lists restricting access. SQL data in a database is accessed by SQL queries from an application on
the application server. The data can still be compromised by a SQL injection attack.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious
SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the
attacker). SQL injection must exploit a security vulnerability in an application’s software, for example,
when user input is either incorrectly filtered for string literal escape characters embedded in SQL
statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known
as an attack vector for websites but can be used to attack any type of SQL database.Incorrect Answers:
B: Theft of the physical database server would not expose the sensitive data in the database server
because the disks are encrypted. You would need the certificate used to encrypt the data in order to
decrypt the data on the disks.
C: Cookies are text files stored on a user’s computer to store website information. This is to provide the
user with a consistent website browsing experience. Cookies do not pose a risk to the sensitive data on
the database server.
D: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web
applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.
Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems
on which they rely. Exploiting one of these, attackers fold malicious content into the content being
delivered from the compromised site. When the resulting combined content arrives at the client-side web
browser, it has all been delivered from the trusted source, and thus operates under the permissions
granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain
elevated access-privileges to sensitive page content, session cookies, and a variety of other information
maintained by the browser on behalf of the user.
The sensitive data is stored in databases on the database server. It is therefore not vulnerable to an XSS
attack.http://en.wikipedia.org/wiki/SQL_injection
http://en.wikipedia.org/wiki/Cross-site_scripting