exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam

Exam SY0-701 topic 1 question 406 discussion

Actual exam question from CompTIA's SY0-701
Question #: 406
Topic #: 1
[All SY0-701 Questions]

During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?

  • A. Race condition
  • B. Memory injection
  • C. Malicious update
  • D. Side loading
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
chasingsummer
Highly Voted 4 months, 1 week ago
Selected Answer: C
A malicious update refers to an attacker modifying a database or system during an update operation to introduce malicious changes.
upvoted 7 times
...
5047e6e
Most Recent 6 days, 4 hours ago
Selected Answer: A
chat gpt says race condition and it makes sense A race condition occurs when multiple processes or threads attempt to execute operations simultaneously, leading to unpredictable behavior. In this scenario, an attacker exploited a timing gap during a SQL update, replacing a temporary field to gain access to the system. This indicates a classic race condition vulnerability, where the attacker takes advantage of a window of opportunity before the legitimate update completes. Such attacks are often referred to as time-of-check to time-of-use (TOCTOU) attacks. Malicious update: While this term could describe an attack involving unauthorized data modification, it is not a specific vulnerability type. It lacks the technical specificity to describe the timing-based attack in the scenario.
upvoted 1 times
...
nocwyn
3 weeks, 6 days ago
Selected Answer: A
A race condition occurs when multiple processes access and manipulate shared data concurrently, leading to unintended behavior. In this case, the temporary field was replaced by an attacker during the SQL update, likely exploiting a timing issue where the system failed to properly control access to the temporary field before it was modified.
upvoted 3 times
...
9149f41
2 months ago
Selected Answer: C
The malicious update is the high-level attack that happened here. This is a database-level attack, not a low-level memory injection manipulation. The attacker is likely exploiting a vulnerability in the application or database logic (e.g., SQL injection, privilege escalation) to modify the temporary field.
upvoted 1 times
...
ProudFather
3 months, 2 weeks ago
Selected Answer: C
A malicious update occurs when an attacker modifies a database record or adds a new record to gain unauthorized access or control of a system. In this case, the attacker exploited a vulnerability in the database update process to insert malicious code. This is a common technique used by attackers to compromise systems and steal data.
upvoted 3 times
...
jennyka76
3 months, 2 weeks ago
Selected Answer: C
A malicious update is a seemingly legitimate software update that has been compromised by cyber attackers to introduce malware into an organization's software supply chain. This can allow attackers to breach networks, steal data, and cause financial loss and reputational damage.
upvoted 1 times
...
Cocopqr
3 months, 3 weeks ago
Selected Answer: A
A. Race condition. A race condition occurs when the outcome of a program depends on the timing of events, and the order of execution can lead to unexpected and potentially harmful results. In the context of software updates, a race condition can arise when multiple processes or threads attempt to modify the same resource simultaneously. This can lead to corrupted files, security vulnerabilities, or system instability.
upvoted 3 times
...
soutphote
3 months, 4 weeks ago
Selected Answer: A
isn't it race condition? I do not get why it is malicious update.
upvoted 3 times
...
Mitch717
4 months, 2 weeks ago
Selected Answer: C
A malicious update occurs when an attacker manipulates or replaces a field or a value during an update process to allow unauthorized access or other malicious activities.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago