ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-401 All Questions

View all questions & answers for the SY0-401 exam
Go to Exam

Exam SY0-401 topic 3 question 93 discussion

Actual exam question from CompTIA's SY0-401
Question #: 93
Topic #: 3
[All SY0-401 Questions]

When an order was submitted via the corporate website, an administrator noted special characters (e.g., ";--" and "or 1=1 --") were input instead of the expected letters and numbers.
Which of the following is the MOST likely reason for the unusual results?

  • A. The user is attempting to highjack the web server session using an open-source browser.
  • B. The user has been compromised by a cross-site scripting attack (XSS) and is part of a botnet performing DDoS attacks.
  • C. The user is attempting to fuzz the web server by entering foreign language characters which are incompatible with the website.
  • D. The user is sending malicious SQL injection strings in order to extract sensitive company or customer data via the website.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
The code in the question is an example of a SQL Injection attack. The code 1=1 will always provide a value of true. This can be included in statement designed to return all rows in a SQL table.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution
(e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
by [deleted] at March 9, 2025, 5:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel