Identify the injection attack represented in the diagram below:

The amount of data stored in organizational databases has increased rapidly in recent years
due to the rapid advancement of information technologies. A high percentage of these data
is sensitive, private and critical to the organizations, their clients and partners. Therefore,
databases are usually installed behind internal firewalls, protected with intrusion detection
mechanisms and accessed only by applications. To access a database, users have to
connect to one of these applications and submit queries through them to the database. The
threat to databases arises when these applications do not behave properly and construct
these queries without sanitizing user inputs first. Identify the injection attack represented in
the diagram below:

The amount of data stored in organizational databases has increased rapidly in recent years
due to the rapid advancement of information technologies. A high percentage of these data
is sensitive, private and critical to the organizations, their clients and partners. Therefore,
databases are usually installed behind internal firewalls, protected with intrusion detection
mechanisms and accessed only by applications. To access a database, users have to
connect to one of these applications and submit queries through them to the database. The
threat to databases arises when these applications do not behave properly and construct
these queries without sanitizing user inputs first. Identify the injection attack represented in
the diagram below:

A.
Frame Injection Attack

B.
LDAP Injection Attack

C.
XPath Injection Attack

D.
SOAP Injection Attack

Explanation:

Reference:
ehttps://www.blackhat.com/presentations/bh-europe-08/AlonsoParada/Whitepaper/bh-eu-08-
alonso-parada-WP.pdf( page 3 to 5)



Leave a Reply 2

Your email address will not be published. Required fields are marked *


alrooc

alrooc

“B” Module 16 Page 588 ECSAv8