EC-Council
312-50V7 · Question #4
312-50V7 Question #4: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V7 to reveal the answer and full explanation for question #4. The question stem and answer options stay visible for context.
Question
The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user: The user is prompted to enter the name of a city on a Web form. If she enters Chicago, the query assembled by the script looks similar to the following: SELECT * FROM OrdersTable WHERE ShipCity = 'Chicago' How will you delete the OrdersTable from the database using SQL Injection?
Options
- AChicago'; drop table OrdersTable --
- BDelete table'blah'; OrdersTable --
- CEXEC; SELECT * OrdersTable > DROP --
- Dcmdshell'; 'del c:\sql\mydb\OrdersTable' //
Unlock 312-50V7 to see the answer
You've previewed enough free 312-50V7 questions. Unlock 312-50V7 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.