Welcome to Pass4Success

GIAC Exam GCCC Topic 1 Question 57 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 57
Topic #: 1

An attacker is able to successfully access a web application as root using ' or 1 = 1 . as the password. The successful access indicates a failure of what process?

Suggested Answer: A
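
The bypass described in the question, reproduced against an in-memory SQLite database next to a hardened login. This is an added example, not part of the original page. The table layout, function names, username allow-list, PBKDF2 parameters and the `--` comment terminator in the payload are assumptions made for illustration.

```python
import hashlib, hmac, os, re, sqlite3

USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")  # assumed allow-list policy for account names

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_db():
    """Constructed user table with one account; the plaintext column exists only for the vulnerable query."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
               ("root", "constructed-secret", salt, _hash("constructed-secret", salt)))
    return db

def login_vulnerable(db, name, password):
    # Flaw from the question: input is pasted into the SQL text, so a quote
    # in the password ends the string literal and the rest is parsed as SQL.
    sql = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    return db.execute(sql).fetchone() is not None

def login_hardened(db, name, password):
    # 1. Validate: reject names outside the allow-list and empty or oversized passwords.
    if not USERNAME_RE.fullmatch(name) or not 0 < len(password) <= 128:
        return False
    # 2. Bind the name as a parameter, so it is never parsed as SQL.
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    # 3. Compare salted password hashes in application code, in constant time.
    return hmac.compare_digest(_hash(password, row[0]), row[1])

PAYLOAD = "' or 1 = 1 --"  # constructed variant of the string in the question

if __name__ == "__main__":
    db = make_db()
    for fn in (login_vulnerable, login_hardened):
        print(fn.__name__, "payload:", fn(db, "root", PAYLOAD),
              "| real password:", fn(db, "root", "constructed-secret"))
```

Passwords legitimately contain quotes and spaces, so the hardened version does not filter their characters; the password never reaches the SQL text at all, and only the username is restricted by the allow-list.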

Contribute your Thoughts:

Emily
2 months ago
I bet the developer who wrote this code is kicking themselves right about now. Talk about an epic fail. 'or 1 = 1'? Really? I think they need to go back to Hacking 101 and start over.
upvoted 0 times
Shawn
1 month ago
D) Account Management
upvoted 0 times
...
Carli
2 months ago
B) Output Sanitization
upvoted 0 times
...
Alona
2 months ago
A) Input Validation
upvoted 0 times
...
...
Dianne
2 months ago
But shouldn't output sanitization also be considered to prevent such attacks?
upvoted 0 times
...
Shannan
2 months ago
I agree with Lore, the attacker was able to bypass input validation.
upvoted 0 times
...
Elena
2 months ago
Seriously, who let the intern code this thing? Clearly, they need to go back to security 101 and learn about the importance of input validation. I mean, come on, that's Web App Security 101!
upvoted 0 times
Janae
1 month ago
User 4: This could have been prevented if they had implemented input validation correctly.
upvoted 0 times
...
Torie
2 months ago
It's a rookie mistake to not sanitize user inputs properly.
upvoted 0 times
...
Gail
2 months ago
Yeah, that's a basic security measure that should never be overlooked.
upvoted 0 times
...
Mary
2 months ago
Looks like someone forgot to validate their inputs.
upvoted 0 times
...
...
Fletcher
3 months ago
Hmm, I'm going with B on this one. Output sanitization is key to preventing these kinds of attacks. Gotta make sure you're not echoing that malicious input back out to the user, you know?
upvoted 0 times
...
Ula
3 months ago
Wow, talk about a rookie mistake. The web app should have been sanitizing that input before letting the user in as root. Input validation, people, it's not rocket science!
upvoted 0 times
...
Lore
3 months ago
I think the failure is due to input validation.
upvoted 0 times
...
Susy
3 months ago
Uh oh, looks like we've got a SQL injection vulnerability here! This is definitely a failure of input validation. Gotta love those little ' or 1 = 1 tricks, they just never get old, do they?
upvoted 0 times
Whitney
2 months ago
SQL injection vulnerabilities are no joke.
upvoted 0 times
...
Colene
2 months ago
They really need to improve their security measures.
upvoted 0 times
...
Micheal
2 months ago
I can't believe they fell for the ' or 1 = 1 trick.
upvoted 0 times
...
Isidra
3 months ago
Yeah, that's definitely a failure of input validation.
upvoted 0 times
...
...