InterviewSolution
1. What do you mean by SQL injection?

Answer» SQL injection is the process of inserting malicious SQL commands into a database in order to exploit the user data stored in it. By inserting these statements, hackers can take control of the database and destroy or manipulate the sensitive information stored in it. These SQL command insertions mainly happen through input supplied via web pages, and SQL injection is one of the most common web hacking techniques. In web applications, the web server usually communicates with a database server to retrieve or store user-related data. Hackers input malicious SQL code, which is executed when the web server connects to the database server, compromising the security of the web application. We can use restricted access privileges and user authentication to avoid a security breach that may impact the critical data in the database. Another measure is to avoid using system administrator accounts.