What is the best description of SQL Injection?
A.
It is an attack used to gain unauthorized access to a database.
B.
It is an attack used to modify code in an application.
C.
It is a Man-in-the-Middle attack between your SQL Server and Web App Server.
D.
It is a Denial of Service Attack.
Explanation:
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL
statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
https://en.wikipedia.org/wiki/SQL_injection