Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Eccouncil Exam 312-49 Topic 1 Question 59 Discussion

Actual exam question for Eccouncil's 312-49 exam
Question #: 59
Topic #: 1
[All 312-49 Questions]

You are the incident response manager at a regional bank. While performing routine auditing of web application logs, you find several attempted login submissions that contain the following strings:

What kind of attack has occurred?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Vinnie at Jun 18, 2024, 10:05 PM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Franchesca
12 months ago
I think it's definitely SQL injection, the strings match the pattern.
upvoted 0 times
...
Naomi
12 months ago
I'm not sure, but it could also be a cross-site scripting attack.
upvoted 0 times
...
Freeman
12 months ago
Haha, I bet the bank's IT team is having a field day with this one. Probably SQL injection, though I can't rule out cross-site request forgery either.
upvoted 0 times
Amira
10 months ago
The IT team must be working hard to address this security issue.
upvoted 0 times
...
Lindsey
11 months ago
I agree, it could be SQL injection or cross-site request forgery.
upvoted 0 times
...
...
Leatha
12 months ago
I agree with Catalina, the strings look like SQL injection attempts.
upvoted 0 times
...
Laura
12 months ago
Hmm, I'm not sure. Could be a buffer overflow, but the login context makes me think it's more likely a SQL injection attack.
upvoted 0 times
...
Catalina
12 months ago
I think it's a SQL injection attack.
upvoted 0 times
...
Esteban
12 months ago
I'm leaning towards cross-site scripting (XSS) here. Those funny-looking strings could be part of an XSS payload.
upvoted 0 times
Cherilyn
11 months ago
We should investigate further to confirm if it's indeed a cross-site scripting attack.
upvoted 0 times
...
Cherilyn
11 months ago
I agree, those strings look suspicious. It could definitely be a cross-site scripting attack.
upvoted 0 times
...
...
Dwight
12 months ago
Definitely SQL injection, those strings look like an attempt to exploit the application's input validation.
upvoted 0 times
Dan
11 months ago
I think it's actually SQL injection. The attackers are trying to inject malicious SQL code into the login form.
upvoted 0 times
...
Charlette
11 months ago
C) Cross-site scripting
upvoted 0 times
...
Paola
11 months ago
Yes, I agree. The strings in the login submissions definitely look like they are trying to manipulate the SQL queries.
upvoted 0 times
...
Cecily
11 months ago
A) SQL injection
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77