Question 1Which of the following types of SQL injection attack is difficult to perform as the attacker needs to communicate with the server and determine the features of the database used by the web application? 1 pointBlind SQL injection In-band SQL injection Out-of-band SQL injection Inferential SQL injection 2.Question 2In which of the following attacks does an attacker pose a true or false question to a database to determine whether an application is vulnerable to SQL injection? 1 pointUnion SQL injection In-band SQL injection Blind SQL injection Error-based SQL injection

What are the reasons that an attacker would perform a SQL injection attack? Select three answers.1 pointTo gain administrative rights to a databaseTo steal the access credentials of users in a databaseTo delete entire tables in a databaseTo send phishing messages to users in a database

Which of the following are areas of a website that are vulnerable to SQL injection? Select two answers.1 分User login pagesCredit card payment formsSocial media feedsPop-up advertisements

11. Which of the following is a potential result of a successful SQL injection attack?

Question 1Which of the following countermeasures help developers prevent applications from becoming vulnerable to SQL injection attacks? 1 pointDesign the code such that it traps and handles exceptions appropriately Allow entries that contain binary data, escape sequences, and comment characters Never use a prepared statement to create a parameterized query Construct dynamic SQL with concatenated input values 2.Question 2Which of the following practices helps developers defend against SQL injection attacks? 1 pointAlways construct dynamic SQL with concatenated input values Build Transact-SQL statements directly from user input Never implement multiple layers of validation Test the content of string variables and accept only expected values

What does SQL injection exploit?1 pointA) Network firewallsB) Browser vulnerabilitiesC) Database query executionD) User authentication systems