Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education S90.19 Exam - Topic 3 Question 20 Discussion

Actual exam question for Arcitura Education's S90.19 exam
Question #: 20
Topic #: 3
[All S90.19 Questions]

Service A is a Web service that accesses the Student table in a shared database in order to store XML-based student records. When invoked, the GetStudent operation of Service A uses a Student ID value to retrieve the record of a single student by executing an XPath query. An attacker sends a malicious message that manipulates the XPath query to return all the student records. Which of the following attacks was carried out?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Ammie at May 09, 2022, 07:49 AM

Limited Time Offer

25%

Off

Get Premium S90.19 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dottie
6 months ago
No way it's none of the above!
upvoted 0 times
...
Telma
6 months ago
Wait, can an XPath query really be exploited like that?
upvoted 0 times
...
Blondell
6 months ago
Seems like a classic case of XPath manipulation.
upvoted 0 times
...
Celia
6 months ago
I thought it was SQL injection at first.
upvoted 0 times
...
Katheryn
6 months ago
Definitely an XPath injection attack.
upvoted 0 times
...
Socorro
7 months ago
I'm feeling confident about this one. Constructive dismissal is when the employee resigns due to the employer's conduct, so the answer has to be B.
upvoted 0 times
...
Stephaine
7 months ago
I think TCP port 23 is used by Telnet, but I'm not completely sure; it might have been just a quick flashback from a study session.
upvoted 0 times
...
Kenneth
7 months ago
We discussed how lead-time uncertainty definitely plays a role in safety stock calculations, so I lean towards D being the correct answer.
upvoted 0 times
...
Sage
7 months ago
The share-for-share exchange seems like the most straightforward option, but I'll need to double-check the math to make sure it meets the premium requirement.
upvoted 0 times
...
France
7 months ago
The training aspect is definitely something I practiced in case questions. I think everyone needs to be on the same page for these processes to work.
upvoted 0 times
...

Save Cancel