ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 87 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 87
Topic #: 1
[All 312-50v13 Questions]

Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as “’or ‘1’=‘1’” in any basic injection statement such as “or 1=1.”
Identify the evasion technique used by Daniel in the above scenario.

  • A. Char encoding
  • B. IP fragmentation
  • C. Variation
  • D. Null byte
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by mulekule at April 10, 2025, 2:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mulekule
2 weeks, 4 days ago
Selected Answer: C
The evasion technique Daniel used in this scenario is C. Variation. By altering the structure of the SQL injection payload (e.g., using 'or '1'='1' instead of or 1=1), he is attempting to bypass the IDS's predefined signature detection. This technique involves modifying the syntax or format of the injection to avoid matching known patterns.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago