Free CompTIA Security+ SY0-601 Practice Question

An attacker is attempting to compromise a web application that uses LDAP for authentication. The attacker inputs a specially crafted string into the login form to trick the application into granting unauthorized access or retrieving sensitive information. Which of the following inputs is likely being used by the attacker to achieve this?

  • (username)(|(uid=*))

  • SELECT * FROM users WHERE name = 'username'

  • username' OR '1'='1

  • DROP TABLE users; --

This question's topic:
CompTIA Security+ SY0-601 / 
Attacks, Threats, and Vulnerabilities
Your Score:

Check or uncheck an objective to set which questions you will receive.