Exam PT0-002 Topic 5 Question 154 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 154
Topic #: 5
A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?

Suggested Answer: C Vote an answer

A single quote (') is a common character used to test for SQL injection vulnerabilities, which occur when user input is directly passed to a database query. A single quote can terminate a string literal and allow an attacker to inject malicious SQL commands. For example, if the search form uses the query SELECT * FROM products WHERE name LIKE '%user_input%', then entering a single quote as user input would result in an error or unexpected behavior

by Lyndon at Oct 01, 2024, 09:34 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10