Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GPEN Topic 8 Question 58 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 58
Topic #: 8
[All GPEN Questions]

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

SELECT email, passwd, login_id, full_name

FROM members

WHERE email = 'attacker@somehwere.com'; DROP TABLE members; --'

What task will the above SQL query perform?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Tanesha at Sep 15, 2024, 09:58 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Isaiah
3 months ago
Ah, the age-old battle of the SQL injection vs. the poor, defenseless database. I can just imagine the database admin now, frantically trying to figure out how to undelete the entire 'members' table. Maybe they should just rename it to the 'ex-members' table and call it a day!
upvoted 0 times
...
Maia
3 months ago
Ah, the old 'drop table' trick! Classic SQL injection move. I bet the folks at Secure Inc. are really keeping their popcorn handy for this one. Option B is the way to go, folks.
upvoted 0 times
Dalene
2 months ago
The folks at Secure Inc. must be on high alert for this kind of attack.
upvoted 0 times
...
Margot
2 months ago
I've seen some real chaos caused by SQL injections. It's crucial to stay vigilant and protect against these types of attacks.
upvoted 0 times
...
Gilbert
2 months ago
Yep, option B is the correct answer, it deletes the entire members table.
upvoted 0 times
...
Vicky
2 months ago
Yeah, dropping the entire members table can cause some serious damage. Always important to be aware of these vulnerabilities.
upvoted 0 times
...
Osvaldo
2 months ago
I agree, that SQL query is definitely a classic move.
upvoted 0 times
...
Lucy
3 months ago
I agree, that SQL injection is a classic move. Option B is definitely the correct answer.
upvoted 0 times
...
...
Caitlin
4 months ago
Hmm, this is a tricky one. I wonder if the attacker is trying to cover their tracks by deleting the evidence? Either way, I'd say option B is the correct answer here. No need to go nuclear on the database!
upvoted 0 times
Lenny
2 months ago
User 3: Option B seems like the right choice then.
upvoted 0 times
...
Sonia
2 months ago
User 2: Yeah, that would definitely cover their tracks.
upvoted 0 times
...
Donette
2 months ago
User 1: I think the attacker is trying to delete the entire members table.
upvoted 0 times
...
Sarina
2 months ago
Melynda: No need to go nuclear on the database, right?
upvoted 0 times
...
Felicitas
2 months ago
User 3: I agree, option B is the correct answer.
upvoted 0 times
...
Melynda
2 months ago
User 2: Yeah, that seems like the most destructive option.
upvoted 0 times
...
Rebecka
2 months ago
User 1: I think the attacker is trying to delete the entire members table.
upvoted 0 times
...
...
Susana
4 months ago
Whoa, that's some serious SQL injection! I can see why this is a security test. Deleting the entire members table is definitely not what you want to do in a real-world scenario. Better stick to option B and keep things contained.
upvoted 0 times
Ashton
3 months ago
User 2: Definitely, we need to be careful with SQL injection attacks. Option B is the safest choice.
upvoted 0 times
...
Mozell
3 months ago
User 1: Yeah, that SQL query is dangerous. It could delete the entire members table.
upvoted 0 times
...
...
Oretha
4 months ago
Oh, this is a classic SQL injection attack! The query selects the email, password, login ID, and full name from the members table where the email matches 'attacker@somehwere.com', and then drops the entire members table. That's a pretty destructive move!
upvoted 0 times
Jolanda
2 months ago
Starr: Secure Inc. needs to make sure their clients are protected from these types of attacks.
upvoted 0 times
...
Rolande
2 months ago
User 3: The attacker could potentially delete a lot of important data with that query.
upvoted 0 times
...
Starr
2 months ago
User 2: Definitely, dropping the entire members table is a big security risk.
upvoted 0 times
...
Camellia
3 months ago
User 1: Wow, that's a dangerous SQL injection attack!
upvoted 0 times
...
...
Magdalene
4 months ago
I think the correct answer is B) because the query includes 'DROP TABLE members;' which will delete the entire table.
upvoted 0 times
...
Odelia
4 months ago
C) Deletes the rows of members table where email id is 'attacker@somehwere.com' given.
upvoted 0 times
...
Lucy
4 months ago
B) Deletes the entire members table.
upvoted 0 times
...

Save Cancel