EC-Council
EC0-350 · Question #832
EC0-350 Question #832: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #832. The question stem and answer options stay visible for context.
Question
The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user: The user is prompted to enter the name of a city on a Web form. If she enters Chicago, the query assembled by the script looks similar to the following: SELECT * FROM OrdersTable WHERE ShipCity = 'Chicago' How will you delete the OrdersTable from the database using SQL Injection?
Options
- AChicago'; drop table OrdersTable --
- BDelete table'blah'; OrdersTable --
- CEXEC; SELECT * OrdersTable > DROP --
- Dcmdshell'; 'del c:\sql\mydb\OrdersTable' //
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.