A particular database threat utilizes a SQL injection technique to penetrate a target system. How
would an attacker use this technique to compromise a database?
A.
An attacker uses poorly designed input validation routines to create or alter SQL commands to
gain access to unintended data or execute commands of the database
B.
An attacker submits user input that executes an operating system command to compromise a
target system
C.
An attacker gains control of system to flood the target system with requests,preventing
legitimate users from gaining access
D.
An attacker utilizes an incorrect configuration that leads to access with higher-than-expected
privilege of the database
Explanation:
Using the poorly designed input validation to alter or steal data from a database is a
SQL injection attack.