EC-Council
312-49V11 · Question #130
312-49V11 Question #130: Real Exam Question with Answer & Explanation
Sign in or unlock 312-49V11 to reveal the answer and full explanation for question #130. The question stem and answer options stay visible for context.
Question
As a Computer Hacking Forensic Investigator (CHFI). you are investigating a possible breach on a web application protected by a Web Application Firewall (WAF). You notice some logs on the WAF that suggest there were some repeated attempts to bypass the SQL injection protection. After inspecting the web server and MySQL database you Find no indications of data manipulation. You then decide to delve deeper and examine the database server logs. Which of the following would you most likely infer if you notice a log entry indicating a query command as "1' OR '1'='1'; -- "?
Options
- AThe WAF successfully blocked the SQL injection attempt and no unauthorized data manipulation
- BThere was a successful SQL injection, and unauthorized data manipulation likely occurred
- CThe SQL inject on attempt was unsuccessful as it is an incorrect syntax for bypassing WAF SQL
- DThe WAF failed to detect the SQL injection attempt out MySQL s n-built protections prevented data
Unlock 312-49V11 to see the answer
You've previewed enough free 312-49V11 questions. Unlock 312-49V11 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.