Alibaba Cloud Certified Associate – Cloud Computing — Question 33

SQL injection is a common application layer attack, usually through building special input parameters and pass it to web applications to steal or sabotage the application data. Which of the following is the target for SQL injection?

Answer options

• A. Web application
• B. Database
• C. Confidential files on the server
• D. Pictures on server

Correct answer: B

Explanation

The correct answer is B, as SQL injection primarily targets databases to manipulate or retrieve sensitive information. The other options, while potentially affected, are not the direct targets of SQL injection attacks.