CERTIVIEW

Wednesday, 20 April 2016

CEH v9 Question of the Week: SQL Injection

CEH-v9-QOWBlackWhat is one of the best defenses against SQL injection?

A. Snort signatures
B. Firewall
C. Web and database design
D. HIDS

Reveal Answer

The correct answer is C.

Firewalls provide little or no defense against SQL injection attacks because web sites require constant access to the database. Your website is public and firewalls must be set to allow every site visitor access to your database, usually over port 80/443.

The most commonly used SQL injection defense is made up of two components. First there is routine updating and patching of all servers, services and applications which of course has many advantages and is common practice. Then there is producing and using well written and well tested website code that disallows unexpected SQL commands.

 

Related Course
Certified Ethical Hacker v9

CEH v9 Question of the Week Series

  • CEH v9 Question of the Week: Retina Scanners
  • CEH v9 Question of the Week: Employee Behavior
  • CEH v9 Question of the Week: CVE-2007-2447
  • CEH v9 Question of the Week: SQL Injection
  • CEH v9 Question of the Week: Web Application Penetration Testing
  • CEH v9 Question of the Week: iptables
  • CEH v9 Question of the Week: Examine Streams of Packets
  • CEH v9 Question of the Week: Scans
  • CEH v9 Question of the Week: SQL Injection


from
CERTIVIEW
Posted by Unknown at 03:03
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: certification, CERTIVIEW, course, elearning, Global Knowledge Training Blog, IT, online test, Security

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Blog Archive

  • ►  2017 (143)
    • ►  March (19)
    • ►  February (55)
    • ►  January (69)
  • ▼  2016 (1230)
    • ►  December (46)
    • ►  November (61)
    • ►  October (65)
    • ►  September (66)
    • ►  August (75)
    • ►  July (39)
    • ►  June (71)
    • ►  May (68)
    • ▼  April (175)
      • The Week In Storage: SanDisk Recovers, WD And Seag...
      • Zscaler Uncovers Android Malware Pretending To Be ...
      • IT Career Paths And Certification Guides
      • How To Add Windows 10 To An Azure AD Domain
      • CCNP R&S Question of the Week: clear ip route
      • Syncplicity Announces New Data Hub Tool
      • SAP Certification Guide: Overview And Career Paths
      • Best Training Options For IT Pros
      • IBM Expands FlashSystem All Flash Array Family
      • Hitahchi Data Systems Upgrades VSP G Series
      • CEH v9 Question of the Week: Standard Risk Assessment
      • Brocade Certification Guide: Overview And Career P...
      • Tyan Servers, Motherboards Add Support For Intel X...
      • Zscaler Launches Zscaler Private Access, A 'VPN' F...
      • Neo Technology Releases Neo4j 3.0
      • Aviatrix Announces Cloud Native Networking 2.0
      • Why IT Pros Need Soft Skills to Compete in 2016
      • How To Disable Cortana In Windows 10
      • How The Cloud Is Creating More Opportunities For I...
      • CCNA Data Center Question of the Week: User Roles
      • The Week In Storage: Intel Nets $2B, Fires Everyon...
      • SK Hynix PE3110 Enterprise M.2 SSD Review: 3D NAND...
      • How To Backup Windows 10 PCs To Azure Backup
      • Professional Development For IT Pros: Planning & R...
      • Thecus Announces W2810PRO Storage Server
      • Solid State Storage Turns Data Centers Into Busine...
      • 5 Ways Global Knowledges New Website Makes Getting...
      • Polycom appoints new distributor Arvind Ltd to add...
      • Accenture expands global security opens Cyber Center
      • SHRM India hosts 2nd HR Tech Conference and Expo 2016
      • FreeCharge partners with BookMyShow
      • Crucial Announces New 32 GB 64 GB Server Memory Mo...
      • Chenbro Announces RM43XXX Series High-Density Stor...
      • LPI Certifications Guide: Overview And Career Paths
      • BroadGrain selects Eka for Next-Gen CTRM Software ...
      • Akamai Ion tackles key mobile performance
      • Dell security tackles remote workforce challenges ...
      • Mitel announces to acquire Polycom at $1.96 billion
      • CEH v9 Question of the Week: SQL Injection
      • HONEYWELL launches total care field services globally
      • How converged datacenter infrastructure helps ente...
      • Xerox is Revitalizing its Printer and MPS business...
      • WD Announces Gold Datacenter HDDs As HGST Integrat...
      • SNIA Certification Guide: Overview And Career Paths
      • Toshiba PX04P NVMe Enterprise SSD Review
      • Traffic Jams: Kaspersky Lab Discovers Security Iss...
      • Evoxyz launches Evotag -liberates parents from fear
      • PFT launches Industry-First Promo Versioning Autom...
      • Vodafone India welcomes Govts plan to support Tele...
      • Untitled
      • Huawei White Paper Shows Roadmap to 4K Bearer Netw...
      • Aditya Birla Financial Services expands Teradata p...
      • OpenText To Acquire Distressed HP Engage Software ...
      • Dell And Scality RING Combine; 6.9PB Raw Capacity ...
      • How To Change Windows 10 Update Settings
      • Microsoft's Certification Subway Map And The Missi...
      • HP's RGS Technology Now Works With Mac Devices
      • HP Finally Updates AIO Workstation Line With Z1 G3...
      • Nihilent, Nigerian Govt meet on collaboration for ...
      • Panasonic, AES announce India’s First battery-base...
      • MapR ships new Stream Processing Quick Start Solution
      • CCNA Data Center Question of the Week: Layer 2 Fea...
      • AXIS’ Zipstream tech adapts to PTZ camera movements
      • NASSCOM, Symantec to launch cyber security courseware
      • PFT extends CLEARTM Operations Cloud to Amazon Web...
      • Huawei Announces new Indoor Connected Solution
      • Payments Banks – Convenience Weds Technology
      • The Week In Storage: Mt. Micron Rumbles, Seagate C...
      • How To Manage The Windows 10 Clipboard With PowerS...
      • Citrix XenMobile Enterprise Mobility Management Re...
      • EMC Certification Guide: Overview And Career Paths
      • Capgemini accelerates Global Blockchain Practice R...
      • Hacktivist should be stopped, but are also desired...
      • CCNP R&S Question of the Week: IPv4 and IPv6
      • UMC Standardizes on Industry-Leading ARM Artisan P...
      • Micron Enters System Market With Micron Accelerate...
      • Top 5 Software Suites That Need Employee Reskilling
      • Seagate Plummets On Revised Earnings; Surging SSDs...
      • Blue Coat Extends Enterprise Security Leadership w...
      • Arun Dutta Appointed Country Manager of GSN Games ...
      • TogoFogo RepairGreen, An Eco-Friendly Mobile Repai...
      • NEC provides Orange Egypt with iPASOLINK E-band mi...
      • MicroSave signs MoU with NPCI to boost digital pay...
      • ShopClues exclusively launches Penta – T Pad laptop
      • Array Networks Makes Subscription-Based Virtual AD...
      • Connected Value Chain: A Panacea for Consumer Good...
      • Sonus Cloud Link promises Secure Enterprise Migrat...
      • Over US$31bn Invested in IoT-Related Startups in 2...
      • Employee Development And Training: Find The Best O...
      • Amazon introducing Kindle Oasis, claiming thinnest...
      • Zadara Adds Object Storage, Larger SSDs And FC Sup...
      • Kolkata Co CEO held for Forging Quick Heal documents
      • NoSQL – To be or Not To be, that is the question
      • CEH v9 Question of the Week: Scans
      • Customers maximize business potential, accelerate ...
      • Customers maximize business potential, accelerate ...
      • Micron Announces 9100, 7100 NVMe PCIe SSDs
      • Cloudera Big Data Certification Guide: Overview An...
      • DH2i Announces Containers As A Service (CaaS) For ...
      • Sumo Logic Machine Data Analytics Platform Merges ...
    • ►  March (201)
    • ►  February (199)
    • ►  January (164)
  • ►  2015 (947)
    • ►  December (190)
    • ►  November (248)
    • ►  October (291)
    • ►  September (218)

About Me

Unknown
View my complete profile
Simple theme. Powered by Blogger.