Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam
Go to Exam

Exam 312-49v10 topic 1 question 709 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 709
Topic #: 1
[All 312-49v10 Questions]

After an SQL Injection attack, an investigator is examining a log entry in an IIS log from a Windows-based server. The investigator notices a suspicious GET request: Id=ORD-001%27%20or%201=1;--. What can the investigator infer from this decoded query in the investigation?

  • A. The attack has attempted to extract database and table names
  • B. The attack was made from a Linux machine
  • C. The attack has bypassed authentication to access sensitive data from the database
  • D. The attack is trying to retrieve the number of columns that are vulnerable to attack
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by aqeel1506 at July 22, 2024, 9:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
aqeel1506
4 months ago
C. The attack has bypassed authentication to access sensitive data from the database aligns with the CHFI v10 textbook. The CHFI v10 textbook covers SQL Injection attacks and their implications. The textbook explains that SQL Injection attacks, like the one described in the log entry (Id=ORD-001%27%20or%201=1;--), exploit vulnerabilities in the application's SQL queries. This particular query uses a condition (1=1) that is always true, which can bypass authentication and access unauthorized data. Here’s why C is correct based on the textbook: Bypassing Authentication: The 1=1 part of the query creates a condition that is always true, which can bypass authentication checks and potentially allow unauthorized access to data. Accessing Sensitive Data: With authentication mechanisms bypassed, attackers can access data they should not have access to.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel