ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 135 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 135
Topic #: 1
[All 312-50v11 Questions]

SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application.
Which of the following SQLi types leverages a database server's ability to make DNS requests to pass data to an attacker?

  • A. In-band SQLi
  • B. Union-based SQLi
  • C. Out-of-band SQLi
  • D. Time-based blind SQLi
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ANDRESCB1988 at July 23, 2021, 5:49 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Scryptic
Highly Voted 2 years, 10 months ago
Out-of-band SQL injection occurs when an attacker is unable to use the same channel to launch the attack and gather results. ... Out-of-band SQLi techniques would rely on the database server's ability to make DNS or HTTP requests to deliver data to an attacker.
upvoted 12 times
dinonino
1 year, 9 months ago
for reference: In-band SQL Injection: An attacker uses the same communication channel to perform the attack and retrieve the results
upvoted 4 times
...
...
Vincent_Lu
Most Recent 10 months, 2 weeks ago
Selected Answer: A
A. Stealth virus: It's a type of malicious software that can change its own code to avoid being detected by antivirus programs. It can also alter its encryption or hash values when infecting files, making it hard to detect using simple virus signature methods. B. Tunneling virus: Used in network attacks, but doesn't change its own code or encrypt itself multiple times. C. Cavity virus: Infects by using empty areas in files, but doesn't explicitly mention changing its own code multiple times or encrypting itself during replication. D. Encryption virus: Encrypts parts of infected files to avoid detection, but doesn't refer to the virus changing its own code multiple times during replication.
upvoted 1 times
Vincent_Lu
10 months, 2 weeks ago
Sorry, wrong place, please delete my answer or ignore it, thanks
upvoted 1 times
...
...
Daniel8660
1 year, 8 months ago
Selected Answer: C
Types of SQL Injection Out-of-Band SQL Injection Attacker needs to communicate with the server and acquire features of the database server used by the web application.Attackers use DNS and HTTP requests to retrieve data from the database server. (P.2046/2030)
upvoted 3 times
...
ProveCert
2 years, 6 months ago
(C) id the correct answer. Out-of-band SQLi techniques would rely on the database server's ability to make DNS or HTTP requests to deliver data to an attacker.
upvoted 4 times
...
ANDRESCB1988
2 years, 11 months ago
correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel