Total No. of Questions = 20

1. Input validation is used to prevent which of the following?

  • A) Bad input
  • B) Formatting issues
  • C) Language issues
  • D) SQL injection

Show Answer

The Correct Answer is:- A

2. Web applications are used to __________.

  • A) Provide dynamic content
  • B) Stream video
  • C) Apply scripting
  • D) Implement security controls

Show Answer

The Correct Answer is:- A

3. Which of the following challenges can be solved by firewalls?

  • A) Protection against buffer overflows
  • B) Protection against scanning
  • C) Enforcement of privileges
  • D) Ability to use nonstandard ports

Show Answer

The Correct Answer is:- B

4. Databases can be a victim of code exploits depending on which of the following?

  • A) Configuration
  • B) Vendor
  • C) Patches
  • D) Client version

Show Answer

The Correct Answer is:- A

5. In addition to relational databases, there is also what kind of database?

  • A) Hierarchical
  • B) SQL
  • C) ODBC
  • D) Structured

Show Answer

The Correct Answer is:- A

6. Which of the following is a scripting language?

  • A) ActiveX
  • B) Java
  • C) CGI
  • D) ASP.NET

Show Answer

The Correct Answer is:- C

7. __________ is used to audit databases.

  • A) Ping
  • B) Ipconfig
  • C) SQLPing
  • D) Traceroute

Show Answer

The Correct Answer is:- C

8. Browsers do not display __________.

  • A) ActiveX
  • B) Hidden fields
  • C) Java
  • D) JavaScript

Show Answer

The Correct Answer is:- B

9. Proper input validation can prevent what from occurring?

  • A) Client-side issues
  • B) Operating system exploits
  • C) SQL injection attacks
  • D) Software failure

Show Answer

The Correct Answer is:- B

10. __________ can be used to attack databases.

  • A) Buffer overflows
  • B) SQL injection
  • C) Buffer injection
  • D) Input validation

Show Answer

The Correct Answer is:- B

11. Which command can be used to access the command prompt in SQL Server?

  • A) WHERE
  • B) SELECT
  • C) xp_cmdshell
  • D) cmdshell

Show Answer

The Correct Answer is:- C

12. Which command is used to query data in SQL Server?

  • A) cmdshell
  • B) WHERE
  • C) SELECT
  • D) from

Show Answer

The Correct Answer is:- B

13. Which statement is used to limit data in SQL Server?

  • A) cmdshell
  • B) WHERE
  • C) SELECT
  • D) to

Show Answer

The Correct Answer is:- B

14. Which command is used to remove a table from a database?

  • A) cmdshell –drop table
  • B) REMOVE
  • C) DROPTABLES
  • D) drop table

Show Answer

The Correct Answer is:- D

15. SQL injection attacks are aimed at which of the following?

  • A) Web applications
  • B) Web servers
  • C) Databases
  • D) Database engines

Show Answer

The Correct Answer is:- C

16. Which of the following is another name for a record in a database?

  • A) Row
  • B) Column
  • C) Cell
  • D) Label

Show Answer

The Correct Answer is:- A

17. What type of database has its information spread across many disparate systems?

  • A) Hierarchical
  • B) Relational
  • C) Distributed
  • D) Flat

Show Answer

The Correct Answer is:- C

18. What type of database uses multiple tables linked together in complex relationships?

  • A) Hierarchical
  • B) Relational
  • C) Distributed
  • D) Flat

Show Answer

The Correct Answer is:- B

19. What can an error message tell an attacker?

  • A) Success of an attack
  • B) Failure of an attack
  • C) Structure of a database
  • D) All of the above

Show Answer

The Correct Answer is:- D

20. A blind SQL injection attack is used when which of the following is true?

  • A) Error messages are not available.
  • B) The database is not SQL compatible.
  • C) The database is relational.
  • D) All of the above.

Show Answer

The Correct Answer is:- A