Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 259

Which vulnerability type is used to read, write, or erase information from a database?

Answer options

• A. cross-site request forgery
• B. SQL injection
• C. cross-site scripting
• D. buffer overflow

Correct answer: B

Explanation

The correct answer is SQL injection, which specifically targets databases to execute arbitrary SQL commands, enabling unauthorized data access or manipulation. The other options, such as cross-site request forgery and cross-site scripting, pertain to web application vulnerabilities affecting user interactions, while buffer overflow relates to memory management issues rather than database access.