Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 312-96 Topic 9 Question 31 Discussion

Actual exam question for Eccouncil's 312-96 exam
Question #: 31
Topic #: 9
[All 312-96 Questions]

During his secure code review, John, an independent application security expert, found that the developer has used Java code as highlighted in the following screenshot. Identify the security mistake committed by the developer?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Rodolfo at Oct 21, 2024, 09:53 PM

Limited Time Offer

25%

Off

Get Premium 312-96 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Howard
2 days ago
Looks like the developer is trying to use Blacklisting Input Validation, which is a big no-no. Can't believe they're still using that outdated technique!
upvoted 0 times
...
Gearldine
5 days ago
I believe the correct approach would be to use Parametrized SQL Query for better security.
upvoted 0 times
...
Pamella
11 days ago
I agree with Terrilyn. Non-parametrized SQL queries are vulnerable to SQL injection attacks.
upvoted 0 times
...
Terrilyn
12 days ago
I think the developer made a mistake by using Non-parametrized SQL query.
upvoted 0 times
...

Save Cancel