29 Mar Practice Test Question 4/2/2019 Unusual Activity
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Harold is examining the web server logs after detecting unusual activity on the system. He finds the log excerpt shown below. What type of attack did someone attempt against this system based upon the data shown in these logs?
A. SQL injection
B. Cross-site scripting
C. Domain hijacking
D. Directory traversal
Correct Answer: A
The third log entry shows clear signs of a SQL injection attack. Notice that the parameters passed to the web page include an appended SQL command: UNION SELECT 1,2,3,4,5. This is designed to retrieve the first five columns from the database table and will likely succeed if the web application is not performing proper input validation.