Question

Lisa manages incident response for a bank. The bank has a website that’s been attacked. The attacker utilized the login screen, and rather than entering proper login credentials, the attacker entered some odd text: ‘ or ‘1’=’1. What is this attack known as?A) Cross-site scriptingB) Cross-site request forgeryC) SQL injectionD) ARP poisoning

Answer 1

Answer:

The answer is C) SQL Injection

Explanation:

Cross-Site Scripting (XSS) attacks are a type attacks that occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

Cross-Site Request Forgery (CSRF) is a type of attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.

SQL Injection is a type of cyber security attack where an attacker inputs a malicious input into an SQL statement., and the SQL server reads it as programming code.

Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets.

From the above brief definition; it is seen that the answer is C) SQL Injection.