EC-Council Exam ECSAv10 Topic 4 Question 67 Discussion

Actual exam question for EC-Council's ECSAv10 exam
Question #: 67
Topic #: 4

Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.

Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes. Pen testers need to perform this testing during the development phase to find and fix the SQL injection vulnerability.

What can a pen tester do to detect input sanitization issues?

Suggested Answer: D

Contribute your Thoughts:

Catarina
27 days ago
What, no option for ' or 1=1 '? That's the classic, folks. If that doesn't work, I'm just gonna start randomly mashing the keyboard until something breaks. Gotta keep 'em on their toes, right?
upvoted 0 times
...
Annelle
29 days ago
Junk data, huh? Sounds like a job for my special keyboard macro that spits out 10,000 characters in half a second. Bet that'll make the developers' heads spin!
upvoted 0 times
Lura
14 days ago
A) Send single quotes as the input data to catch instances where the user input is not sanitized
upvoted 0 times
...
...
Felicidad
1 month ago
Double quotes? Really? That's so 2000s. Everyone knows the right square bracket is where it's at these days. Gotta stay on top of the latest techniques, my friend.
upvoted 0 times
Jesusita
16 days ago
B) Send double quotes as the input data to catch instances where the user input is not sanitized
upvoted 0 times
...
Mitsue
19 days ago
A) Send single quotes as the input data to catch instances where the user input is not sanitized
upvoted 0 times
...
...
Edna
2 months ago
Hmm, that makes sense too. It's important to test different types of input data to catch sanitization issues.
upvoted 0 times
...
Berry
2 months ago
I disagree, I believe the correct answer is D) Use a right square bracket as the input data.
upvoted 0 times
...
Aracelis
2 months ago
Ah, the classic SQL injection testing! I'm all over this. Single quotes are the way to go - that's the standard approach to uncover unsanitized input.
upvoted 0 times
Glory
16 days ago
User 2
upvoted 0 times
...
Lamonica
23 days ago
User 1
upvoted 0 times
...
...
Edna
2 months ago
I think the answer is A) Send single quotes as the input data.
upvoted 0 times
...