SQL ____ involves the attacker supplying SQL commands when prompted to fill in a Web application field.
A)redirection
B)spoofing
C)injection
D)insertion

Question

Quizplus · Accepted Answer

SQL injection is a type of injection attack where an attacker can execute malicious SQL statements that control a web application’s database server. The attacker achieves this by inserting SQL commands into application field input. The goal of the attacker is to trick the application into running malicious SQL commands.

SQL ____ Involves the Attacker Supplying SQL Commands When Prompted