CompTIA CySA+ (CS0-002) — Question 42

A security analyst notices the following entry while reviewing the server logs:
OR 1=1' ADD USER attacker' PW 1337password' --
Which of the following events occurred?

Answer options

• A. CSRF
• B. XSS
• C. SQLi
• D. RCE

Correct answer: C

Explanation

The log entry indicates a SQL injection (SQLi) attack, as it manipulates SQL queries to gain unauthorized access or perform actions like adding a user. CSRF, XSS, and RCE do not align with the characteristics of this log entry, which is specifically targeting SQL query execution.