nerdexam
EC-Council

312-50V13 · Question #465

What is the following command used for?

The correct answer is B. A Enumerating the databases in the DBMS for the URL. The command (an assumed SQL injection payload) is used for enumerating the available databases within a Database Management System (DBMS) through a given URL.

Submitted by dimitri_ru· Mar 6, 2026SQL Injection

Question

What is the following command used for?

Options

  • ACreating backdoors using SQL injection
  • BA Enumerating the databases in the DBMS for the URL
  • CRetrieving SQL statements being executed on the database
  • DSearching database statements at the IP address given

How the community answered

(25 responses)
  • A
    4% (1)
  • B
    76% (19)
  • C
    12% (3)
  • D
    8% (2)

Why each option

The command (an assumed SQL injection payload) is used for enumerating the available databases within a Database Management System (DBMS) through a given URL.

ACreating backdoors using SQL injection

Creating backdoors via SQL injection usually involves writing files to the server or creating new user accounts, which is a different objective than just enumerating databases.

BA Enumerating the databases in the DBMS for the URLCorrect

Enumerating databases via SQL injection typically involves crafting queries that leverage system tables, such as `information_schema.schemata`, to list all available database names. This step helps attackers discover potential targets for further data exfiltration or manipulation.

CRetrieving SQL statements being executed on the database

Retrieving SQL statements being executed on a database typically requires direct database monitoring tools or access to logs, not a standard SQL injection payload for enumeration.

DSearching database statements at the IP address given

Searching database statements at an IP address is vague; SQL injection operates within the context of a web application interacting with its database, not directly searching statements at an arbitrary network address.

Concept tested: SQL injection database enumeration

Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/sql-injection

Topics

#SQLMap#database enumeration#SQL injection tools

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice