DS0-001 · Question #153
DS0-001 Question #153: Real Exam Question with Answer & Explanation
The correct answer is C: SQL injection. SQL injection (C) is correct because it involves inserting malicious SQL code into input fields or queries, causing a database to execute unintended commands - this is literally code execution against a database. Why the others are wrong: Social engineering (A) manipulates people
Question
Which of the following involves executing code against a database?
Options
- ASocial engineering
- BPhishing
- CSQL injection
- DOn-path attack
Explanation
SQL injection (C) is correct because it involves inserting malicious SQL code into input fields or queries, causing a database to execute unintended commands - this is literally code execution against a database.
Why the others are wrong:
- Social engineering (A) manipulates people psychologically to divulge information or grant access - no code or database involved.
- Phishing (B) is a social engineering subset using fraudulent messages (emails, sites) to steal credentials - again, no database code execution.
- On-path attack (D) (formerly "man-in-the-middle") intercepts network traffic between two parties - it targets communication channels, not databases.
Memory tip: Think of "SQL injection" literally - you're injecting (executing) SQL code into a database. The word "injection" is the key: something foreign is being pushed into and run by the database engine.
Community Discussion
No community discussion yet for this question.