Certified Ethical Hacker (CEH v10) — Question 37

What is attempting an injection attack on a web server based on responses to True/False questions called?

Answer options

• A. DMS-specific SQLi
• B. Compound SQLi
• C. Blind SQLi
• D. Classic SQLi

Correct answer: C

Explanation

The correct answer is C, Blind SQLi, which refers to a technique where an attacker determines the information from a database by asking True/False questions and observing the responses. Options A, B, and D do not specifically pertain to this method of attack and are used to describe different types of SQL injection techniques.