nerdexam
ExamsGCIHQuestions#359
GIAC

GCIH · Question #359

GCIH Question #359: Real Exam Question with Answer & Explanation

Sign in or unlock GCIH to reveal the answer and full explanation for question #359. The question stem and answer options stay visible for context.

Web Application Attacks & Post-Exploitation

Question

Suppose a web application builds the SQL command "select PhoneNumber from contacts where Company = '[value]';". What would the result likely be if an attacker submitted the value "GIAC'; drop table contacts; --" to the database?

Options

  • ANothing. The 'contacts;--' portion is syntactically incorrect.
  • BThe database would attempt to drop the PhoneNumber from the 'GIAC' table.
  • CThe 'contacts' table would be deleted from the database.
  • DThe database would drop all records containing 'GIAC' from the 'contacts' table.

Unlock GCIH to see the answer

You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock GCIH - $49.99 / 30 daysSign in

Topics

#SQL injection#DROP TABLE#destructive SQL#query manipulation
Full GCIH Practice