Certified Ethical Hacker (CEHv9) Questions and answers
89. An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?
A. Insufficient input validation
B. Insufficient security management
C. Insufficient exception handling
D. Insufficient database hardening
90. Which of the following is the greatest threat posed by backups?
A. A backup is unavailable during disaster recovery.
B. An un-encrypted backup can be misplaced or stolen.
C. A backup is incomplete because no verification was performed.
D. A backup is the source of malware or illicit information.