which of the following?
The string:
‘ or 1=1– –
Represents which of the following?
Which of the following is the MOST likely reason for the unusual results?
When an order was submitted via the corporate website, an administrator noted special characters
(e.g., “;–” and “or 1=1 –“) were input instead of the expected letters and numbers.
Which of the following is the MOST likely reason for the unusual results?
Which of the following can still result in exposure of the sensitive data in the database server?
Highly sensitive data is stored in a database and is accessed by an application on a DMZ server.
The disk drives on all servers are fully encrypted. Communication between the application server
and end-users is also encrypted. Network ACLs prevent any connections to the database server
except from the application server. Which of the following can still result in exposure of the
sensitive data in the database server?
Which of the following can still result in exposure of the sensitive data in the database server?
Highly sensitive data is stored in a database and is accessed by an application on a DMZ server.
The disk drives on all servers are fully encrypted. Communication between the application server
and end-users is also encrypted. Network ACLs prevent any connections to the database server
except from the application server. Which of the following can still result in exposure of the
sensitive data in the database server?
Which of the following BEST describes a SQL Injection attack?
Which of the following BEST describes a SQL Injection attack?
Which of the following BEST describes a SQL Injection attack?
Which of the following BEST describes a SQL Injection attack?
Which of the following types of attacks was attempted?
An attacker attempted to compromise a web form by inserting the following input into the
username field: admin)(|(password=*))
Which of the following types of attacks was attempted?
Which of the following application attacks is used against a corporate directory service where there are unkno
Which of the following application attacks is used against a corporate directory service where
there are unknown servers on the network?
Which of the following application attacks is used against a corporate directory service where there are unkno
Which of the following application attacks is used against a corporate directory service where
there are unknown servers on the network?
Which of the following was used to perform this attack?
Sara, a hacker, is completing a website form to request a free coupon. The site has a field that
limits the request to 3 or fewer coupons. While submitting the form, Sara runs an application on
her machine to intercept the HTTP POST command and change the field from 3 coupons to 30.
Which of the following was used to perform this attack?