GIAC
GCED · Question #78
GCED Question #78: Real Exam Question with Answer & Explanation
The correct answer is C. SQL Injection. An example of manipulating SQL statements to perform SQL injection includes using the semi- colon to perform multiple queries. The following example would delete the users table: Username: ` or 1=1; drop table users; - - Password: [Anything]
Question
What attack was indicated when the IDS system picked up the following text coming from the Internet to the web server? select user, password from user where user= "jdoe" and password= `myp@55!' union select "text",2 into outfile "/tmp/file1.txt" - - '
Options
- ARemote File Inclusion
- BURL Directory Traversal
- CSQL Injection
- DBinary Code in HTTP Headers
Explanation
An example of manipulating SQL statements to perform SQL injection includes using the semi- colon to perform multiple queries. The following example would delete the users table: Username: ` or 1=1; drop table users; - - Password: [Anything]
Community Discussion
No community discussion yet for this question.