Which of these prevention techniques would be best used against an SQL injection attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAAddress space layout randomizationoptionBStack canaryoptionCReturn to libcoptionDWeb application firewall
Question
Which of these prevention techniques would be best used against an SQL injection attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAAddress space layout randomizationoptionBStack canaryoptionCReturn to libcoptionDWeb application firewall
Solution
The best prevention technique against an SQL injection attack would be option D: Web application firewall.
Here's why:
Option A: Address space layout randomization (ASLR) is a computer security technique which involves randomly positioning the base address of an executable and the position of libraries, heap, and stack, in a process's address space. While it is a good technique for preventing buffer overflow attacks, it is not specifically designed to prevent SQL injection attacks.
Option B: Stack canary is a security mechanism used to prevent buffer overflow attacks. It is not specifically designed to prevent SQL injection attacks.
Option C: Return to libc is a method used to defeat stack protection mechanisms. It is not a prevention technique, but rather a type of attack.
Option D: A Web Application Firewall (WAF) is a firewall that monitors, filters or blocks data packets as they travel to and from a website or web application. A WAF can be either network-based, host-based or cloud-based and is often deployed through a reverse proxy and placed in front of one or more websites or applications. Running a WAF is like having a force field around your website - it only lets the good guys in and keeps the bad guys out. WAFs are especially useful against SQL injection attacks.
Similar Questions
What protection could be used to prevent an SQL injection attack?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAInput validationoptionBBuffer overflowoptionCLateral movementoptionDXML filtering
Jacob, a security administrator, wants to protect an organization against an SQL injection attack. Which of the following controls will he implement?Each correct answer represents a complete solution. Choose all that apply.This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.Aoption AIntrusion detection systemBoption BWeb application firewallCoption CParameterized queriesDoption DInput validation
What does a defense-in-breadth approach add?This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option.optionAProtection against SQL injectionoptionBBuffer overflow protectionoptionCHeap spraying protectionoptionDConsideration for a broader range of attacks
Which of the following is a way to prevent SQL injection attacks?*Encrypting network trafficInput validationImplementing a firewallInstalling antivirus software
Which of the following approaches is an effective way of protecting yourself against SQL injection?
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.