EC-Council
412-79V10 · Question #118
412-79V10 Question #118: Real Exam Question with Answer & Explanation
Question
David is working on a pen testing assignment as a junior consultant. His supervisor told him to test a web application for SQL injection. The supervisor also mentioned that some functionalities can lead to an unverified redirect vulnerability. David noticed that when he used this string, he received a WAF error message saying the input is not allowed:
exec_sp_addsrvrolemember 'name' , 'sysadmin'
Which of the following strings could David use instead of the above string to bypass the WAF filtering?
Options
- A. exec_sp_addsrvrolemember 'name' , 'sysadmin'
- B. union select
- C. admin' or '1'='1
- D. username like char(37);