312-50V12 · Question #148
312-50V12 Question #148: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V12 to reveal the answer and full explanation for question #148. The question stem and answer options stay visible for context.
Question
In an intricate web application architecture using an Oracle database, you, as a security analyst, have identified a potential SQL Injection attack surface. The database consists of 'x' tables, each with 'y' columns. Each table contains 'z' records. An attacker, well-versed in SQLi techniques, crafts 'u' SQL payloads, each attempting to extract maximum data from the database. The payloads include 'UNION SELECT' statements and 'DBMS_XSLPROCESSOR.READ2CLOB' to read sensitive files. The attacker aims to maximize the total data extracted 'E=xyz*u'. Assuming 'x=4', 'y=2', and varying 'z' and 'u', which situation is likely to result in the highest extracted data volume?
Options
- Az=600, u=2: The attacker devises 2 SQL payloads, each aimed at tables holding 600 records,
- Bz=550, u=2: Here, the attacker formulates 2 SQL payloads and directs them towards tables
- Cz=500, u=3: The attacker creates 3 SQL payloads and targets tables with 500 records each,
- Dz=400, u=4: The attacker constructs 4 SQL payloads, each focusing on tables with 400 records,
Unlock 312-50V12 to see the answer
You've previewed enough free 312-50V12 questions. Unlock 312-50V12 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.