Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCED Topic 3 Question 59 Discussion

Actual exam question for GIAC's GCED exam
Question #: 59
Topic #: 3
[All GCED Questions]

What attack was indicated when the IDS system picked up the following text coming from the Internet to the web server?

select user, password from user where user= ''jdoe'' and password= 'myp@55!' union select ''text'',2 into outfile ''/tmp/file1.txt'' - - '

Show Suggested Answer Hide Answer
Suggested Answer: A

by Fernanda at Feb 08, 2025, 07:12 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Luis
2 months ago
Definitely SQL injection. The code is trying to dump the user and password data to a file, which is a big no-no. I hope the IDS caught this in time!
upvoted 0 times
Tanja
12 days ago
User 3: Always important to have strong security measures in place to prevent attacks like this.
upvoted 0 times
...
Elise
27 days ago
User 2: Yeah, the IDS must have flagged it. Good thing it caught it!
upvoted 0 times
...
Mozell
1 months ago
User 1: SQL Injection for sure. That code looks like it's trying to extract sensitive data.
upvoted 0 times
...
...
Dacia
2 months ago
Haha, someone's trying to hack the web server with a little SQL magic! C'mon, SQL injection? That's so 2000s, let's move on to something more creative.
upvoted 0 times
Alysa
17 days ago
User 3: I agree, we need to stay one step ahead of them.
upvoted 0 times
...
Karan
26 days ago
User 2: Definitely, hackers are always finding new ways to attack.
upvoted 0 times
...
Fanny
2 months ago
User 1: Yeah, SQL injection is old news. They need to step up their game.
upvoted 0 times
...
...
Anastacia
2 months ago
I'm pretty sure this is a SQL injection attempt. The query is trying to extract sensitive data and write it to a file on the server, which is not good.
upvoted 0 times
Stefania
1 months ago
We need to make sure our web server is protected against these types of attacks.
upvoted 0 times
...
Stefania
2 months ago
Yes, you're right. It looks like a SQL injection attack.
upvoted 0 times
...
...
Vincenza
2 months ago
I'm not sure, but it could also be Remote File Inclusion.
upvoted 0 times
...
Corrie
2 months ago
Wow, this looks like a classic SQL injection attack. The code is trying to execute a malicious SQL query to dump the user and password data to a file on the server.
upvoted 0 times
...
Fidelia
2 months ago
I agree with Bernadine, because the query is trying to manipulate the database.
upvoted 0 times
...
Bernadine
2 months ago
I think the attack indicated is SQL Injection.
upvoted 0 times
...

Save Cancel