CompTIA PenTest+ (PT1-002) — Question 87

A penetration tester is testing input validation on a search form that was discovered on a website. Which of the following characters is the BEST option to test the website for vulnerabilities?

Answer options

• A. Comma
• B. Double dash
• C. Single quote
• D. Semicolon

Correct answer: C

Explanation

The single quote is commonly used in SQL injection attacks to manipulate queries and can reveal vulnerabilities in input validation. The other characters, while they may have their own uses, do not typically trigger the same level of risk in SQL contexts as the single quote does.