GIAC Exam GISF Topic 3 Question 67 Discussion

Actual exam question for GIAC's GISF exam

Question #: 67
Topic #: 3

[All GISF Questions]

Web applications play a vital role in deploying different databases with user accessibility on theInternet. Which of the following allows an attacker to get unauthorized access to the database of aWeb application by sending (attacking) user-supplied data to an interpreter as part of a commandor query

AInjection flaw

BMalicious File Execution

CCross Site Request Forgery (CSRF)

DCross Site Scripting

Show Suggested Answer

Suggested Answer: C

by Youlanda at Feb 06, 2025, 05:27 PM

Limited Time Offer

25%

Off

Get Premium GISF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Whitney

3 hours ago

Cross Site Scripting? That's about injecting malicious scripts into web pages, not directly attacking the database. Injection flaw is the clear winner here.

upvoted 0 times

...

Eladia

7 days ago

Malicious File Execution? That's when an attacker tries to run their own program on the server. Not what this question is asking about. Injection flaw is the way to go!

upvoted 0 times

...

Ollie

8 days ago

Cross Site Request Forgery? Nah, that's more about tricking users into performing unwanted actions on the website. This question is about getting unauthorized access to the database, so it's gotta be injection flaw.

upvoted 0 times

...

Marnie

10 days ago

Injection flaw? That's the one! I remember learning about how attackers can sneak malicious code into user inputs and trick the application into executing it. Gotta watch out for those sneaky SQL injection attacks!

upvoted 0 times

...