GIAC
GCIH · Question #622
GCIH Question #622: Real Exam Question with Answer & Explanation
Sign in or unlock GCIH to reveal the answer and full explanation for question #622. The question stem and answer options stay visible for context.
Question
An attacker is launching an attack against an input field in a form that is used to retrieve restricted information that is filtered dependent upon the privileges of the logged in user. This attacker inserts "' or 1=1;--" into this field. What is most likely the attacker's desired result from this insertion?
Options
- AThis forces a bypass on the back-end authentication mechanism, allowing total access to the
- BThis forces a TRUE condition and may cause the SQL server to return all of the information in the
- CThis forces a UNION condition and may cause the SQL server to return a list of all columns in the
- DThis forces an INSERT condition and will dump all rows in the table to the users screen
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.