NETWORK SECURITY
INTRODUCTION
|
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
|
SELECT * FROM table ____ users WHERE user ____ id= 1
|
|
|
SELECT * FROM table ____ users WHERE user ____ id= 16 OR 1=1
|
|
|
SELECT * FROM table ____ users WHERE user ____ id= 15 AND user ____ id=10
|
|
|
None of the above
|
Detailed explanation-1: -SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
Detailed explanation-2: -7-Eleven breach-a team of attackers used SQL injection to penetrate corporate systems at several companies, primarily the 7-Eleven retail chain, stealing 130 million credit card numbers. HBGary breach-hackers related to the Anonymous activist group used SQL Injection to take down the IT security company’s website.
Detailed explanation-3: -SQL Injection (SQLi) is a type of an injection attack that makes it possible to execute malicious SQL statements. These statements control a database server behind a web application.
Detailed explanation-4: -SQL injection, also known as insertion, is a malicious technique that exploits vulnerabilities in a target website’s SQL-based application software by injecting malicious SQL statements or by exploiting incorrect input.