Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CPEH-001 Exam - Topic 1 Question 121 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 121
Topic #: 1
[All CPEH-001 Questions]

Look at the following SQL query.

SELECT * FROM product WHERE PCategory='computers' or 1=1--'

What will it return? Choose the best answer.

Show Suggested Answer Hide Answer
Suggested Answer: C

The 1=1 tells the SQL database to return everything, a simplified statement would be SELECT * FROM product WHERE 1=1 (which will always be true for all columns). Thus, this query will return all computers and everything else. The or 1=1 is a common test to see if a web application is vulnerable to a SQL attack.


by Leota at Jan 27, 2026, 01:40 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Claribel
15 days ago
It will return all products. The condition is always true.
upvoted 0 times
...
Fernanda
20 days ago
Seems a bit risky to use that kind of query!
upvoted 0 times
...
Alexia
25 days ago
Yup, 1=1 makes it always true, so all rows are selected.
upvoted 0 times
...
Franchesca
1 month ago
Wait, really? I thought it would just return computers.
upvoted 0 times
...
Evan
1 month ago
Totally agree, that query is a classic SQL injection example.
upvoted 0 times
...
Buffy
1 month ago
It will return all products, not just computers.
upvoted 0 times
...
Arlie
2 months ago
This query is a security nightmare. I hope no one actually uses something like this in production.
upvoted 0 times
...
Pura
2 months ago
Haha, the '1=1--' part is a classic SQL injection trick! Gotta love those sneaky hackers.
upvoted 0 times
...
Zona
2 months ago
The query is vulnerable to SQL injection, allowing an attacker to potentially access sensitive data.
upvoted 0 times
...
Jaime
2 months ago
This query will return all rows from the product table, regardless of the PCategory value.
upvoted 0 times
...
Becky
2 months ago
I feel like it might return only computers, but that "or 1=1" part is really throwing me off.
upvoted 0 times
...
Alana
2 months ago
This kind of question seems familiar; I practiced a similar one where the query returned all rows due to a similar condition.
upvoted 0 times
...
Sharen
3 months ago
I'm not entirely sure, but I remember something about how "1=1" can be used to bypass filters in SQL.
upvoted 0 times
...
Ty
3 months ago
I think this query will return all products because of the "or 1=1" condition, right?
upvoted 0 times
...
Kimberely
4 months ago
Yep, this is a classic example of a SQL injection vulnerability. I'll be sure to analyze any SQL queries carefully on the exam and look out for potential security issues like this.
upvoted 0 times
...
Denna
4 months ago
Got it, that makes sense. The '1=1' condition is a common technique used in SQL injection attacks to bypass security checks. I'll make sure to watch out for anything like that on the exam.
upvoted 0 times
...
Honey
4 months ago
Wait, what? The '1=1' part makes the whole 'or' condition always true. So it's going to return all rows from the 'product' table, regardless of the 'PCategory' value.
upvoted 0 times
...
Eliseo
4 months ago
Okay, let's see. The query is selecting all rows from the 'product' table where the 'PCategory' is 'computers' or the condition '1=1' is true. The '--' at the end is a comment, so it won't affect the query.
upvoted 0 times
...
Darci
4 months ago
Hmm, this looks like a tricky one. I'll need to think it through carefully.
upvoted 0 times
...

Save Cancel