Scribd
Upload
933 views

SQL Injection Quiz

The document is a quiz about SQL injection attacks. SQL injection occurs when a hacker tries to inject malicious SQL code into a database by entering it as a variable. Code that concatenates input values is most vulnerable. Leaving systems open to SQL injection risks theft of customer information. Both web and non-web applications can be vulnerable. Prepared statements are the best way to prevent SQL injection.

Uploaded by

Moiz Ahmad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
933 views

SQL Injection Quiz

The document is a quiz about SQL injection attacks. SQL injection occurs when a hacker tries to inject malicious SQL code into a database by entering it as a variable. Code that concatenates input values is most vulnerable. Leaving systems open to SQL injection risks theft of customer information. Both web and non-web applications can be vulnerable. Prepared statements are the best way to prevent SQL injection.

Uploaded by

Moiz Ahmad
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

SQL Injection Quiz

Q1. What is SQL injection attack?


A) When a hacker tries to enter in a variable
B) When a hacker tries to enter harmful HTML code
C) When a hacker tries to enter in a hyperlink
D) Where a hacker tries to inject malicious SQL code into someone database
Q2. True or False: Will an SQL injection ruin your database?
A) True
B) False
Q3. Code that is most vulnerable to SQL injection attack contains?
A) Input parameters
B) Dynamic SQL with concatenated input values
C) Dynamic SQL with bind arguments
D) Call to external functions
Q4. Not preventing SQL Injections attacks leaves your business at great risk of:
A)
B)
C)
D)

Method Overriding
Super Class
Steal Customer Information
Method Overloading

Q5. True or False: Only code used in web applications are vulnerable to SQL
injection:
A) True
B) False
Q6. What is an example of vulnerabilities in web based vulnerabilities?

A)
B)
C)
D)

Cross-Site Scripting
None of the above
SQL Injection
All of the above

Q7. What is the best way to prevent an SQL injection?


A)
B)
C)
D)

Prepared Statement
Specimen of a class
An array
Function by reference

Q8. Which input can cause SQL injection?


A)
B)
C)
D)

- OR 1=1
Exit
Both A and B

Q9: Injected DROP statement will only run when:


A)
B)
C)
D)

User have DROP Table permission


User only have SELECT permission
User only have INSERT permission
None of the above

Q10. A form of SQL injection in which malicious statement is first stored in


database and then used in future for exploitation:
A)
B)
C)
D)

First Order SQL injection


Second Order SQL injection
Blind SQL injection
None of the above

Q11. UNION operator is used to:


A) Combine tables
B) Combine results of two SELECT queries
C) None of the above
Q12. Parameterized Queries can prevent SQL injection:
A) True
B) False

Q13. To prevent SQL injection user should be allowed to enter character like , /,
% etc.
A) True
B) False

You might also like