Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 350-701 Topic 2 Question 85 Discussion

Actual exam question for Cisco's 350-701 exam
Question #: 85
Topic #: 2
[All 350-701 Questions]

A security test performed on one of the applications shows that user input is not validated. Which security vulnerability is the application more susceptible to because of this lack of validation?

Show Suggested Answer Hide Answer
Suggested Answer: D

An application that does not validate user input is particularly susceptible to SQL injection attacks. In an SQL injection attack, an attacker can insert or 'inject' a SQL query via the input data from the client to the application. Due to the lack of validation, the malicious SQL commands are executed by the database server, leading to unauthorized access or manipulation of the database.


by Willodean at Apr 25, 2024, 09:58 PM

Limited Time Offer

25%

Off

Get Premium 350-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kris
12 months ago
True, cross-site request forgery is definitely a concern. But SQL injection can lead to more damaging consequences.
upvoted 0 times
...
Glen
12 months ago
But what about cross-site request forgery? That could also be a major threat.
upvoted 0 times
...
Tran
12 months ago
I agree with Without input validation, SQL injection attacks can easily exploit vulnerabilities.
upvoted 0 times
...
Kris
1 years ago
I think the application is more susceptible to SQL injection.
upvoted 0 times
...
Carlene
1 years ago
Exactly, SQL injection could be a big threat.
upvoted 0 times
...
Glen
1 years ago
It could be susceptible to things like SQL injection.
upvoted 0 times
...
Zoila
1 years ago
That's a major vulnerability. What could it lead to?
upvoted 0 times
Carissa
1 years ago
Data sent between the user and server could be intercepted.
upvoted 0 times
...
Sarina
1 years ago
C) man-in-the-middle
upvoted 0 times
...
Martina
1 years ago
The application could become unresponsive to legitimate users.
upvoted 0 times
...
Adria
1 years ago
A) denial-of-service
upvoted 0 times
...
Gretchen
1 years ago
Attackers could manipulate user actions without their consent.
upvoted 0 times
...
Elly
1 years ago
B) cross-site request forgery
upvoted 0 times
...
Amos
1 years ago
It could lead to unauthorized access to the database.
upvoted 0 times
...
Herman
1 years ago
D) SQL injection
upvoted 0 times
...
...
Carlene
1 years ago
The security test found that user input isn't validated.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77