Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 350-701 Topic 2 Question 85 Discussion

Actual exam question for Cisco's 350-701 exam
Question #: 85
Topic #: 2
[All 350-701 Questions]

A security test performed on one of the applications shows that user input is not validated. Which security vulnerability is the application more susceptible to because of this lack of validation?

Show Suggested Answer Hide Answer
Suggested Answer: D

An application that does not validate user input is particularly susceptible to SQL injection attacks. In an SQL injection attack, an attacker can insert or 'inject' a SQL query via the input data from the client to the application. Due to the lack of validation, the malicious SQL commands are executed by the database server, leading to unauthorized access or manipulation of the database.


by Willodean at Apr 25, 2024, 09:58 PM

Limited Time Offer

25%

Off

Get Premium 350-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kris
5 months ago
True, cross-site request forgery is definitely a concern. But SQL injection can lead to more damaging consequences.
upvoted 0 times
...
Glen
5 months ago
But what about cross-site request forgery? That could also be a major threat.
upvoted 0 times
...
Tran
5 months ago
I agree with Without input validation, SQL injection attacks can easily exploit vulnerabilities.
upvoted 0 times
...
Kris
5 months ago
I think the application is more susceptible to SQL injection.
upvoted 0 times
...
Carlene
6 months ago
Exactly, SQL injection could be a big threat.
upvoted 0 times
...
Glen
6 months ago
It could be susceptible to things like SQL injection.
upvoted 0 times
...
Zoila
6 months ago
That's a major vulnerability. What could it lead to?
upvoted 0 times
Carissa
5 months ago
Data sent between the user and server could be intercepted.
upvoted 0 times
...
Sarina
5 months ago
C) man-in-the-middle
upvoted 0 times
...
Martina
5 months ago
The application could become unresponsive to legitimate users.
upvoted 0 times
...
Adria
5 months ago
A) denial-of-service
upvoted 0 times
...
Gretchen
5 months ago
Attackers could manipulate user actions without their consent.
upvoted 0 times
...
Elly
5 months ago
B) cross-site request forgery
upvoted 0 times
...
Amos
5 months ago
It could lead to unauthorized access to the database.
upvoted 0 times
...
Herman
5 months ago
D) SQL injection
upvoted 0 times
...
...
Carlene
6 months ago
The security test found that user input isn't validated.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77