Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GPEN Topic 8 Question 58 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 58
Topic #: 8
[All GPEN Questions]

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

SELECT email, passwd, login_id, full_name

FROM members

WHERE email = 'attacker@somehwere.com'; DROP TABLE members; --'

What task will the above SQL query perform?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Tanesha at Sep 15, 2024, 09:58 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Susana
16 hours ago
Whoa, that's some serious SQL injection! I can see why this is a security test. Deleting the entire members table is definitely not what you want to do in a real-world scenario. Better stick to option B and keep things contained.
upvoted 0 times
...
Oretha
7 days ago
Oh, this is a classic SQL injection attack! The query selects the email, password, login ID, and full name from the members table where the email matches 'attacker@somehwere.com', and then drops the entire members table. That's a pretty destructive move!
upvoted 0 times
...
Magdalene
11 days ago
I think the correct answer is B) because the query includes 'DROP TABLE members;' which will delete the entire table.
upvoted 0 times
...
Odelia
13 days ago
C) Deletes the rows of members table where email id is 'attacker@somehwere.com' given.
upvoted 0 times
...
Lucy
15 days ago
B) Deletes the entire members table.
upvoted 0 times
...

Save Cancel