CompTIA Security+ (SY0-701) — Question 32

Which of the following enables the use of an input field to run commands that can view or manipulate data?

Answer options

• A. Cross-site scripting
• B. Side loading
• C. Buffer overflow
• D. SQL injection

Correct answer: D

Explanation

SQL injection is a technique that allows an attacker to execute arbitrary SQL code through input fields, enabling them to manipulate or retrieve data from a database. Cross-site scripting, side loading, and buffer overflow are different vulnerabilities that do not specifically facilitate direct data manipulation through user input in the same manner as SQL injection.