Are you studying for the CEH certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem/issue?
Insufficient firewall rules
Insufficient anti-virus detection
Insufficient exception handling
Insufficient input validation
The attack (likely a SQL injection) is one where a user enters data that the web server fails to sanitize or validate. Therefore the problem is input validation. Input validation is one of the primary prevention techniques used to protect against sql injection. https://www.owasp.org/index.php/SQLInjectionPreventionCheatSheet
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.