Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCIH Topic 5 Question 7 Discussion

Actual exam question for GIAC's GCIH exam
Question #: 7
Topic #: 5
[All GCIH Questions]

Which of the following can be used as a countermeasure against the SQL injection attack?

Each correct answer represents a complete solution. Choose two.

Show Suggested Answer Hide Answer
Suggested Answer: C

by Raymon at Nov 21, 2023, 07:11 PM

Limited Time Offer

25%

Off

Get Premium GCIH Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tawny
1 months ago
I'm feeling a bit 'session_regenerate_id()' after that question. But in all seriousness, D is the way to go. Prepared statements are the real deal when it comes to SQL injection. The other options might help, but they're like trying to stop a freight train with a toothpick.
upvoted 0 times
Broderick
4 days ago
A) mysql_real_escape_string()
upvoted 0 times
...
...
Herminia
1 months ago
I'm just going to go ahead and choose options A and C. Why? Because I'm feeling a little 'mysql_real_escape_string()' today, if you know what I mean. But seriously, D is the way to go - it's the 'Prepared statement' of all countermeasures.
upvoted 0 times
Carmen
11 days ago
User 1: I think options A and C are good choices.
upvoted 0 times
...
...
Annabelle
1 months ago
Well, look at that! My grandma could have told you that prepared statements are the way to go. Anything else is just putting a band-aid on a bullet wound. Although I do like the sound of 'session_regenerate_id()' - maybe it can make my password look extra secure.
upvoted 0 times
...
Rory
2 months ago
Hmm, I'm torn between options A and D. Escaping strings is important, but prepared statements are the real powerhouse against SQL injection. Gotta cover all our bases, right?
upvoted 0 times
Sherron
6 days ago
It's always better to be safe than sorry, so using both options A and D would be a good idea.
upvoted 0 times
...
Rusty
9 days ago
I think both options A and D are important to use as countermeasures.
upvoted 0 times
...
Nohemi
1 months ago
I agree, using prepared statements is crucial to prevent SQL injection attacks.
upvoted 0 times
...
...
Ernie
2 months ago
I'm pretty sure option D is the way to go - Prepared statements are the gold standard for preventing SQL injection. The other options might help in other ways, but they don't directly address the injection vulnerability.
upvoted 0 times
Nichelle
27 days ago
Session_regenerate_id() is not a direct solution for SQL injection, so I would go with prepared statements.
upvoted 0 times
...
Rikki
1 months ago
I'm not sure about mysql_escape_string(), but I know it's important to use prepared statements.
upvoted 0 times
...
Geoffrey
2 months ago
I think mysql_real_escape_string() can also be used as a countermeasure.
upvoted 0 times
...
Martina
2 months ago
I agree, prepared statements are definitely the best defense against SQL injection.
upvoted 0 times
...
...
Becky
3 months ago
I'm not sure about C) mysql_escape_string(). I think it's not as secure as the other options mentioned.
upvoted 0 times
...
Grover
3 months ago
I agree with Anika. Those two options are commonly recommended to prevent SQL injection attacks.
upvoted 0 times
...
Anika
3 months ago
I think A) mysql_real_escape_string() and D) Prepared statement can be used as countermeasures.
upvoted 0 times
...

Save Cancel