
GCIH · Question #758

GCIH Question #758: Real Exam Question with Answer & Explanation

The correct answer is A: union. The UNION keyword is a hallmark SQL injection indicator used to append secondary SELECT statements and extract unauthorized database data.

Web Application Attacks & Post-Exploitation

Question

Which web application log keyword would be associated with a SQL injection attack?

Options

  • A. union
  • B. ../../../../etc/shadow
  • C. bind
  • D. script

Explanation

The UNION keyword is a hallmark SQL injection indicator used to append secondary SELECT statements and extract unauthorized database data.

Common mistakes.

  • B. '../../../../etc/shadow' is a path traversal or local file inclusion payload used to access sensitive OS files, not a SQL injection indicator.
  • C. 'bind' is associated with DNS zone transfers or LDAP bind operations, not SQL injection attacks.
  • D. 'script' is associated with cross-site scripting (XSS) injection, not SQL injection.

Concept tested. SQL injection attack log signature identification

Reference. https://owasp.org/www-community/attacks/SQL_Injection

Topics

#SQL injection, #UNION keyword, #web application logs, #log analysis
