SQL Server Questions and Answers – SQL Injection

This set of SQL Server Multiple Choice Questions & Answers (MCQs) focuses on “SQL Injection”.

1. SQL injection is an attack in which _________ code is inserted into strings that are later passed to an instance of SQL Server.
a) malicious
b) redundant
c) clean
d) non malicious
View Answer

Answer: a
Explanation: SQL injection is a code injection technique, used to attack data-driven applications.

2. Point out the correct statement.
a) Parameterized data cannot be manipulated by a skilled and determined attacker
b) Procedure that constructs SQL statements should be reviewed for injection vulnerabilities
c) The primary form of SQL injection consists of indirect insertion of code
d) None of the mentioned
View Answer

Answer: b
Explanation: Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives.

3. Which of the following script is example of SQL injection attack?
a)

advertisement
advertisement
var Shipcity;
ShipCity = Request.form ("ShipCity");
var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";

b)

Note: Join free Sanfoundry classes at Telegram or Youtube
var Shipcity;
ShipCity = Request.form ("ShipCity");

c)

advertisement
var Shipcity;
var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";

d) All of the mentioned
View Answer

Answer: a
Explanation: The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user.
advertisement

4. Any user-controlled parameter that gets processed by the application includes vulnerabilities like ___________
a) Host-related information
b) Browser-related information
c) Application parameters included as part of the body of a POST request
d) All of the mentioned
View Answer

Answer: d
Explanation: SQL-injection exploit requires two things: an entry point and an exploit to enter.

5. Point out the wrong statement.
a) SQL injection vulnerabilities occur whenever input is used in the construction of an SQL query without being adequately constrained or sanitized
b) SQL injection allows an attacker to access the SQL servers and execute SQL code under the privileges of the user used to connect to the database
c) The use of PL-SQL opens the door to these vulnerabilities
d) None of the mentioned
View Answer

Answer: c
Explanation: Dynamic SQL (the construction of SQL queries by concatenation of strings) opens the door to many vulnerabilities.

6. Which of the stored procedure is used to test the SQL injection attack?
a) xp_write
b) xp_regwrite
c) xp_reg
d) all of the mentioned
View Answer

Answer: b
Explanation: xp_regwrite writes an arbitrary value into the Registry (undocumented extended procedure).

7. If xp_cmdshell has been disabled with sp_dropextendedproc, we can simply inject the following code?
a) sp_addextendedproc ‘xp_cmdshell’,’xp_log70.dll’
b) sp_addproc ‘xp_cmdshell’,’xp_log70.dll’
c) sp_addextendedproc ‘xp_cmdshell’,’log70.dll’
d) none of the mentioned
View Answer

Answer: a
Explanation: Security best practices for SQL Server recommends disabling xp_cmdshell in SQL Server 2000 (in SQL Server 2005 it is disabled by default). However, if we have sysadmin rights (natively or by bruteforcing the sysadmin password, see below), we can often bypass this limitation.

8. Which of the following code can enable xp_cmdshell?
a)

master..sp_configure 'show advanced options',1
reconfigure
master..sp_configure 'xp_cmdshell',1
reconfigure

b)

master..sp_configure 'show advanced options',1
configure
master..sp_configure 'xp_cmdshell',1
configure

c)

master..sp_reconfigure 'show advanced options',1
reconfigure
master..sp_reconfigure 'xp_cmdshell',1
reconfigure

d) All of the mentioned
View Answer

Answer: a
Explanation: By default xp_cmdshell and couple of other potentially dangerous stored procedures are disabled in SQL Server 2005.

9. Which of the following script is an example of Quick detection in the SQL injection attack?
a) SELECT loginame FROM master..sysprocesses WHERE spid = @@SPID
b) For integer inputs : convert(int,@@version)
c) IF condition true-part ELSE false-part (S)
d) SELECT header, txt FROM news UNION ALL SELECT name, pass FROM members
View Answer

Answer: b
Explanation: Quick detection attacks should throw conversion errors.

10. _______________ is time based SQL injection attack.
a) Quick detection
b) Initial Exploitation
c) Blind SQL Injection
d) Inline Comments
View Answer

Answer: c
Explanation: Blind SQL Injection is just like sleep, wait for specified time.

Sanfoundry Global Education & Learning Series – SQL Server.

To practice all areas of SQL Server, here is complete set of 1000+ Multiple Choice Questions and Answers.

If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]

advertisement
advertisement
Subscribe to our Newsletters (Subject-wise). Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

Youtube | Telegram | LinkedIn | Instagram | Facebook | Twitter | Pinterest
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Alogrithms. Stay connected with him at LinkedIn.

Subscribe to his free Masterclasses at Youtube & discussions at Telegram SanfoundryClasses.