Certified Ethical Hacker (CEH v11) — Question 244

Attempting an injection attack on a web server based on responses to True/False questions is called which of the following?

Answer options

• A. Compound SQLi
• B. Blind SQLi
• C. Classic SQLi
• D. DMS-specific SQLi

Correct answer: B

Explanation

The correct answer is B, Blind SQLi, which refers to SQL injection attacks where the attacker cannot see the result of the query but can infer information based on the application's responses. The other options, such as Compound SQLi and Classic SQLi, refer to different types of SQL injection techniques that do not specifically rely on True/False responses.