Certified Ethical Hacker (CEH v12) — Question 233

As an IT Security Analyst, you've been asked to review the security measures of an e-commerce website that relies on a SQL database for storing sensitive customer data. Recently, an anonymous tip has alerted you to a possible threat: a seasoned hacker who specializes in SQL Injection attacks may be targeting your system. The site already employs input validation measures to prevent basic injection attacks, and it blocks any user inputs containing suspicious patterns. However, this hacker is known to use advanced SQL Injection techniques. Given this situation, which of the following strategies would the hacker most likely adopt to bypass your security measures?

Answer options

• A. The hacker might employ a 'blind' SQL Injection attack, taking advantage of the application's true or false responses to extract data bit by bit
• B. The hacker may resort to a DDoS attack instead, attempting to crash the server and thus render the e-commerce site unavailable
• C. The hacker may try to use SQL commands which are less known and less likely to be blocked by your system's security
• D. The hacker could deploy an 'out-of-band' SQL Injection attack, extracting data via a different communication channel, such as DNS or HTTP requests

Correct answer: D

Explanation

The correct answer is D because an 'out-of-band' SQL Injection attack allows the hacker to retrieve data without relying on the same channel as the application, making it harder for security measures to detect. Option A describes a method that could be effective but relies on the application's responses, which may be limited by the existing security. Option B focuses on a DDoS attack, which does not utilize SQL Injection techniques. Option C suggests using less known SQL commands, but this is less sophisticated compared to the out-of-band technique and may still be detected by existing security measures.