Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

XML Exam I10-003 Topic 6 Question 56 Discussion

Actual exam question for XML's I10-003 exam
Question #: 56
Topic #: 6
[All I10-003 Questions]

A certain Web application displays user information according to user input via Web browser. The XML data managing user information is as shown in [example xm I] referenced in a separate window.

At this time, the Web application completes the [XQuery] by replacing (1) and (2) with the user input character string, and executes the query.

No character escapes (e.g. convert "<" to "<") are performed for character string input by the user.

Select the query execution result when the user input character string is as follows:

(1) "]/fn:root(),()/a[a="

(2) OK


</result>
Show Suggested Answer Hide Answer
Suggested Answer: B, F

by Shala at Jan 15, 2025, 04:21 AM

Limited Time Offer

25%

Off

Get Premium I10-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Franklyn
28 days ago
Ah, the age-old dilemma: to sanitize or not to sanitize? That is the question. And the answer is, of course, to sanitize. Unless you're a fan of XML-flavored chaos, that is.
upvoted 0 times
Amalia
19 days ago
User1
upvoted 0 times
...
...
Solange
1 months ago
I'm going with B. I mean, who wouldn't want to see the user information displayed, right? What could possibly go wrong?
upvoted 0 times
Julene
15 days ago
User 2
upvoted 0 times
...
Martina
19 days ago
User 1
upvoted 0 times
...
...
Kenny
1 months ago
D, definitely D. An error should occur when the user input is passed directly into the XQuery without any sanitization. That's a classic security flaw waiting to happen.
upvoted 0 times
...
Johnna
1 months ago
Wow, this question is really tricky! I'm going to have to think about this one carefully. The lack of character escaping is definitely a concern.
upvoted 0 times
...
Gilberto
2 months ago
I think the correct answer is C. The user input character string contains an XML tag that could be interpreted as part of the XML structure, potentially leading to a security vulnerability known as XML injection.
upvoted 0 times
Lauran
1 months ago
User2
upvoted 0 times
...
Royce
1 months ago
User1
upvoted 0 times
...
...
Selene
2 months ago
I'm not sure, but I think the correct answer is C.
upvoted 0 times
...
Yuki
2 months ago
I agree with Cristal, the query execution result should be B.
upvoted 0 times
...
Cristal
2 months ago
I think the answer is B.
upvoted 0 times
...

Save Cancel