Eccouncil Exam 312-96 Topic 9 Question 31 Discussion

Actual exam question for Eccouncil's 312-96 exam

Question #: 31
Topic #: 9

During his secure code review, John, an independent application security expert, found that the developer has used Java code as highlighted in the following screenshot. Identify the security mistake committed by the developer?

AHe is trying to use Whitelisting Input Validation

BHe is trying to use Non-parametrized SQL query

CHe is trying to use Blacklisting Input Validation

DHe is trying to use Parametrized SQL Query

Show Suggested Answer

Suggested Answer: C

by Rodolfo at Oct 21, 2024, 09:53 PM

Limited Time Offer

25%

Off

Get Premium 312-96 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Gearldine

20 hours ago

I believe the correct approach would be to use Parametrized SQL Query for better security.

upvoted 0 times

...

Pamella

7 days ago

I agree with Terrilyn. Non-parametrized SQL queries are vulnerable to SQL injection attacks.

upvoted 0 times

...

Terrilyn

8 days ago

I think the developer made a mistake by using Non-parametrized SQL query.

upvoted 0 times

...