Eccouncil Exam ECSAv10 Topic 8 Question 65 Discussion

Actual exam question for Eccouncil's ECSAv10 exam

Question #: 65
Topic #: 8

An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

AFrame Injection Attack

BLDAP Injection Attack

CXPath Injection Attack

DSOAP Injection Attack

Show Suggested Answer

Suggested Answer: D

by Avery at Mar 17, 2024, 02:19 PM

Limited Time Offer

25%

Off

Get Premium ECSAv10 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Latonia

5 months ago

That's a good point, Elbert. SOAP Injection Attack does make sense in this context.

upvoted 0 times

...

Elbert

5 months ago

I think it could be SOAP Injection Attack. The attacker might be trying to manipulate the SOAP messages.

upvoted 0 times

...

Vilma

5 months ago

I disagree, I believe it's a XPath Injection Attack.

upvoted 0 times

...

Latonia

6 months ago

I think the attacker is using LDAP Injection Attack.

upvoted 0 times

...

Nickie

6 months ago

Yeah, I think I'll go with XPath Injection Attack too, it makes sense for accessing databases.

upvoted 0 times

...

Dulce

6 months ago

I agree with User1, LDAP Injection Attack seems like the most likely scenario.

upvoted 0 times

...

Lore

6 months ago

Frame Injection Attack doesn't sound right in this context, so it's probably not that.

upvoted 0 times

...

Mari

6 months ago

I'm not sure, but I think SOAP Injection Attack is also a possibility.

upvoted 0 times

...

Lorrie

6 months ago

I believe it could also be XPath Injection Attack, as it targets back-end databases.

upvoted 0 times

...

Shannon

7 months ago

I think the attacker is using LDAP Injection Attack to bypass authentication.

upvoted 0 times

...