Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GPEN Topic 8 Question 58 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 58
Topic #: 8
[All GPEN Questions]

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

SELECT email, passwd, login_id, full_name

FROM members

WHERE email = 'attacker@somehwere.com'; DROP TABLE members; --'

What task will the above SQL query perform?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Tanesha at Sep 15, 2024, 09:58 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Isaiah
1 months ago
Ah, the age-old battle of the SQL injection vs. the poor, defenseless database. I can just imagine the database admin now, frantically trying to figure out how to undelete the entire 'members' table. Maybe they should just rename it to the 'ex-members' table and call it a day!
upvoted 0 times
...
Maia
1 months ago
Ah, the old 'drop table' trick! Classic SQL injection move. I bet the folks at Secure Inc. are really keeping their popcorn handy for this one. Option B is the way to go, folks.
upvoted 0 times
Margot
2 days ago
I've seen some real chaos caused by SQL injections. It's crucial to stay vigilant and protect against these types of attacks.
upvoted 0 times
...
Gilbert
5 days ago
Yep, option B is the correct answer, it deletes the entire members table.
upvoted 0 times
...
Vicky
7 days ago
Yeah, dropping the entire members table can cause some serious damage. Always important to be aware of these vulnerabilities.
upvoted 0 times
...
Osvaldo
18 days ago
I agree, that SQL query is definitely a classic move.
upvoted 0 times
...
Lucy
1 months ago
I agree, that SQL injection is a classic move. Option B is definitely the correct answer.
upvoted 0 times
...
...
Caitlin
2 months ago
Hmm, this is a tricky one. I wonder if the attacker is trying to cover their tracks by deleting the evidence? Either way, I'd say option B is the correct answer here. No need to go nuclear on the database!
upvoted 0 times
Lenny
4 days ago
User 3: Option B seems like the right choice then.
upvoted 0 times
...
Sonia
5 days ago
User 2: Yeah, that would definitely cover their tracks.
upvoted 0 times
...
Donette
6 days ago
User 1: I think the attacker is trying to delete the entire members table.
upvoted 0 times
...
Sarina
6 days ago
Melynda: No need to go nuclear on the database, right?
upvoted 0 times
...
Felicitas
9 days ago
User 3: I agree, option B is the correct answer.
upvoted 0 times
...
Melynda
10 days ago
User 2: Yeah, that seems like the most destructive option.
upvoted 0 times
...
Rebecka
17 days ago
User 1: I think the attacker is trying to delete the entire members table.
upvoted 0 times
...
...
Susana
2 months ago
Whoa, that's some serious SQL injection! I can see why this is a security test. Deleting the entire members table is definitely not what you want to do in a real-world scenario. Better stick to option B and keep things contained.
upvoted 0 times
Ashton
1 months ago
User 2: Definitely, we need to be careful with SQL injection attacks. Option B is the safest choice.
upvoted 0 times
...
Mozell
2 months ago
User 1: Yeah, that SQL query is dangerous. It could delete the entire members table.
upvoted 0 times
...
...
Oretha
2 months ago
Oh, this is a classic SQL injection attack! The query selects the email, password, login ID, and full name from the members table where the email matches 'attacker@somehwere.com', and then drops the entire members table. That's a pretty destructive move!
upvoted 0 times
Jolanda
17 days ago
Starr: Secure Inc. needs to make sure their clients are protected from these types of attacks.
upvoted 0 times
...
Rolande
20 days ago
User 3: The attacker could potentially delete a lot of important data with that query.
upvoted 0 times
...
Starr
22 days ago
User 2: Definitely, dropping the entire members table is a big security risk.
upvoted 0 times
...
Camellia
26 days ago
User 1: Wow, that's a dangerous SQL injection attack!
upvoted 0 times
...
...
Magdalene
2 months ago
I think the correct answer is B) because the query includes 'DROP TABLE members;' which will delete the entire table.
upvoted 0 times
...
Odelia
3 months ago
C) Deletes the rows of members table where email id is 'attacker@somehwere.com' given.
upvoted 0 times
...
Lucy
3 months ago
B) Deletes the entire members table.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77