Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 84

An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?

Answer options

• A. sniffing the packets between the two hosts
• B. sending continuous pings
• C. overflowing the buffer's memory
• D. inserting malicious commands into the database

Correct answer: D

Explanation

The correct answer is D because SQL injection specifically targets vulnerabilities in the database by inserting malicious queries. Options A and B do not exploit the vulnerabilities directly, while C pertains to buffer overflow attacks, which would not impact the SQL injection vulnerability on Machine 1.