Free CompTIA Security+ SY0-701 Practice Question

During a security assessment, you identified that an employee's desktop application for managing customer data allows for executing arbitrary database queries by modifying inputs within the application. This vulnerability can be exploited by attackers to manipulate or exfiltrate sensitive data from the company database. Which specific type of vulnerability does this scenario describe?

  • Directory traversal

  • Buffer overflow

  • SQL injection (SQLi)

  • Cross-site scripting (XSS)

This question's topic:
CompTIA Security+ SY0-701 / 
Threats, Vulnerabilities, and Mitigations
Your Score:

Check or uncheck an objective to set which questions you will receive.