Certified Ethical Hacker (CEH v11) — Question 330

Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?

Answer options

• A. Union SQL injection
• B. Error-based injection
• C. Blind SQL injection
• D. Boolean-based blind SQL injection

Correct answer: A

Explanation

The correct answer is Union SQL injection because it enables attackers to combine the results of multiple SELECT statements into a single result set, effectively extending the original query results. The other options, such as Error-based injection, Blind SQL injection, and Boolean-based blind SQL injection, do not facilitate the execution of multiple statements in the same way.