SQL INJECTION FUNDAMENTALS 1-Table of Contents Flashcards

1-Table of Contents

1
Q

What is the primary function of a database in a web application?

  • A. Store static HTML pages
  • B. Store and retrieve data related to the web application
  • C. Host the web application
  • D. Manage user sessions
A

Correct Answer: B. Store and retrieve data related to the web application

Explanation: Databases in web applications are used to store and retrieve various types of data, including web content and user information.

2
Q

What is SQL injection (SQLi)?

  • A. A method to enhance database performance
  • B. An attack that allows users to execute unintended SQL queries
  • C. A technique for data backup
  • D. A process to encrypt database queries
A

Correct Answer: B. An attack that allows users to execute unintended SQL queries

Explanation: SQL injection is a security vulnerability that allows attackers to interfere with the queries an application makes to its database.

3
Q

Which of the following is NOT a type of injection vulnerability?

  • A. HTTP injection
  • B. Code injection
  • C. Command injection
  • D. Data injection
A

Correct Answer: D. Data injection

Explanation: Data injection is not commonly listed as a type of injection vulnerability, unlike HTTP, code, and command injection.

4
Q

What is a common method attackers use to exploit SQL injection vulnerabilities?

  • A. Encrypting SQL queries
  • B. Injecting a single quote (')
  • C. Using secure coding practices
  • D. Validating user input
A

Correct Answer: B. Injecting a single quote (')

Explanation: Attackers often use single quotes to manipulate the SQL query structure.

5
Q

What can be a significant impact of a successful SQL injection attack?

  • A. Improved website performance
  • B. Enhanced user experience
  • C. Data breaches and unauthorized access
  • D. Better database organization
A

Correct Answer: C. Data breaches and unauthorized access

Explanation: SQL injections can lead to unauthorized access to sensitive data and potential data breaches.

6
Q

How can SQL injection attacks be prevented?

  • A. By using weak passwords
  • B. By allowing direct database access
  • C. Through user input sanitization and validation
  • D. By disabling database backups
A

Correct Answer: C. Through user input sanitization and validation

Explanation: Properly sanitizing and validating user inputs can prevent SQL injection vulnerabilities.

7
Q

What is the purpose of the UNION clause in SQL injection?

  • A. To enhance database security
  • B. To combine the results of multiple queries
  • C. To encrypt database tables
  • D. To delete database records
A

Correct Answer: B. To combine the results of multiple queries

Explanation: The UNION clause allows an attacker to combine results from multiple queries in SQL injection.

8
Q

What type of information can be retrieved through SQL injection?

  • A. Publicly available information
  • B. Sensitive information like user logins and credit card details
  • C. HTML content
  • D. CSS styles
A

Correct Answer: B. Sensitive information like user logins and credit card details

Explanation: SQL injections can expose sensitive information stored in the database.

9
Q

What are stacked queries in the context of SQL injection?

  • A. Queries that are encrypted
  • B. Multiple SQL statements executed in one go
  • C. Queries that enhance database performance
  • D. Queries that prevent SQL injection
A

Correct Answer: B. Multiple SQL statements executed in one go

Explanation: Stacked queries allow multiple SQL commands to be executed in a single query, which can be exploited in SQL injection attacks.

10
Q

Why is user input validation important in preventing SQL injection?

  • A. It improves database performance
  • B. It ensures only intended data is processed
  • C. It simplifies database queries
  • D. It enhances the user interface
A

Correct Answer: B. It ensures only intended data is processed

Explanation: Validating user input ensures that only appropriate and safe data is processed by the database, preventing malicious inputs.
