EC-Council
312-50V13 · Question #538
As a cybersecurity professional, you are responsible for securing a high-traffic web application that uses MySQL as its backend database. Recently, there has been a surge of unauthorized login attempt
Sign in or unlock 312-50V13 to reveal the answer and full explanation for question #538. The question stem and answer options stay visible for context.
Submitted by yaw92· Mar 6, 2026SQL Injection
Question
As a cybersecurity professional, you are responsible for securing a high-traffic web application that uses MySQL as its backend database. Recently, there has been a surge of unauthorized login attempts, and you suspect that a seasoned black-hat hacker is behind them. This hacker has shown proficiency in SQL Injection and appears to be using the 'UNION' SQL keyword to trick the login process into returning additional data. However, your application's security measures include filtering special characters in user inputs, a method usually effective against such attacks. In this challenging environment, if the hacker still intends to exploit this SQL Injection vulnerability, which strategy is he most likely to employ?
Options
- AThe hacker alters his approach and injects a `DROP TABLE' statement, a move that could
- BThe hacker tries to manipulate the 'UNION' keyword in such a way that it triggers a database
- CThe hacker switches tactics and resorts to a `time-based blind' SQL Injection attack, which would
- DThe hacker attempts to bypass the special character filter by encoding his malicious input, which
Unlock 312-50V13 to see the answer
You've previewed enough free 312-50V13 questions. Unlock 312-50V13 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#SQL Injection#Input Filtering Bypass#Encoding Attacks#Web Application Security