GIAC Exam GPYC Topic 4 Question 56 Discussion

Actual exam question for GIAC's GPYC exam

Question #: 56
Topic #: 4

[All GPYC Questions]

What does the attacker do in a SQL Injection attack?

AObtains an administrative login for a SQL database server

BFinds and exploits CVSS-SIG vulnerabilities in a particular version of SQL database

CInject information into an SQL server via an undocumented administrative interface

DSubmits a string that is interpreted as a SQL database command

Show Suggested Answer

Suggested Answer: B

by Elenore at Sep 09, 2024, 06:56 AM

Limited Time Offer

25%

Off

Get Premium GPYC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Valentine

2 days ago

SQL injection, huh? Better not try anything too fancy, or the database might just throw me a curveball!

upvoted 0 times

...

Thad

6 days ago

Hmm, this seems straightforward. I'm pretty sure the answer is D - submitting a string that gets interpreted as a SQL command. Let's see if I'm right!

upvoted 0 times

...

Tish

8 days ago

But they could also obtain an administrative login for the SQL database server, right?

upvoted 0 times

...

Ling

10 days ago

Ah, the classic SQL injection attack! I remember learning about this in my security course. Time to put that knowledge to the test.

upvoted 0 times

...

Jaleesa

13 days ago

I agree with Myra. That's how they can manipulate the database.

upvoted 0 times

...

Myra

14 days ago

I think the attacker submits a string that is interpreted as a SQL database command.

upvoted 0 times

...