1.6.7

Structured Query Language (SQL) Injection

Test yourself on Structured Query Language (SQL) Injection

Test your knowledge with free interactive questions on Seneca — used by over 10 million students.

Structured Query Language (SQL) Injection

Almost all websites today are powered by databases on the server. Structured Query Language (SQL) injection is an attack which exploits these databases.

The attack

The attack

  • Structured Query Language (SQL) is a language used to access databases.
  • SQL injection is a form of active attack that exploits SQL execution on web servers.
  • Attackers 'inject' specially formatted code into fields in the website, which when run on the server allow them to bypass login screens or damage the data kept on the server.
Protection against SQL injection

Protection against SQL injection

  • Input validation sets username and password rules that don't permit the character needed to write SQL code.
  • Input sanitation inspects the user's input and removes SQL command words from the input before it is processed.
  • User access levels can be set up to prevent the web server from altering the contents of the database.
Jump to other topics
1

Computer Systems

1.1

Data Representation

1.1.1Binary Numbers1.1.2Negative Binary Numbers1.1.3Hexadecimal1.1.4Using Hexadecimal1.1.5Converting Binary & Hexadecimal1.1.6Converting Denary & Hexadecimal1.1.7Capacity1.1.8Calculating Capacity Requirements1.1.9Binary in Computer Systems1.1.10Data Compression1.1.11Run Length Encoding1.1.12File Formats
1.2

Data Transmission

1.2.1Packet Switching1.2.2Data Transmission1.2.3Universal Serial Bus (USB)1.2.4Parity Check1.2.5Checksum & Echo Checks1.2.6Encryption
1.3

Hardware

1.3.1Elements of Computer Systems1.3.2Types of Computer System1.3.3Von Neumann Architecture1.3.4The Fetch, Decode, Execute Cycle1.3.5Factors Affecting CPU Performance1.3.6Computational Logic1.3.7Input Devices1.3.82D & 3D Scanners1.3.9Code Readers1.3.10Solid State Storage1.3.11Magnetic Storage1.3.12Examples of Magnetic Storage1.3.13Optical Storage1.3.14Examples of Optical Storage1.3.15Types of Optical disk1.3.16Storage Requirements1.3.17Translation - Compilers1.3.18Translation - Interpreters1.3.19Translation - Assemblers1.3.20Acoustic Sensors1.3.21Flow Sensors1.3.22Gas Sensors1.3.23Humidity Sensors1.3.24Infrared Sensors1.3.25Level Sensors1.3.26Light Sensors1.3.27Magnetic Field Sensors1.3.28Moisture Sensors1.3.29pH Sensors1.3.30Pressure Sensors1.3.31Proximity Sensors1.3.32Temperature Sensors1.3.33Network Hardware
1.4

Software

1.4.1Operating Systems1.4.2Interrupts1.4.3High-Level Languages1.4.4Low-Level Languages
1.5

The Internet & its Uses

1.5.1The Internet1.5.2Uniform Resource Locators (URLs)1.5.3DNS1.5.4HTML1.5.5Cookies1.5.6Web Hosting1.5.7Digital Currency
1.6

Cyber Security

1.6.1Forms of Attack1.6.2Penetration Testing1.6.3Types of Malware1.6.4How Malware Spreads1.6.5Protecting Against Malware1.6.6Information Security1.6.7Structured Query Language (SQL) Injection1.6.8Firewalls1.6.9Authentication: User Access Levels1.6.10Authentication: Passwords1.6.11Social Engineering1.6.12Phishing1.6.13Denial of Service Attacks
1.7

Automated & Emerging Technologies

1.7.1Automated Systems1.7.2Robotics1.7.3Artificial Intelligence
2

Algorithms, Programming & Logic

2.1

Algorithm Design & Problem Solving

2.1.1Computational Thinking - Abstraction2.1.2Computational Thinking - Decomposition2.1.3Computational Thinking - Algorithmic Thinking2.1.4Pseudocode2.1.5Flow Diagrams2.1.6Interpreting, Correcting & Completing Algorithm2.1.7Correcting Algorithms2.1.8Completing Algorithms2.1.9Testing2.1.10Types of Testing2.1.11Test Plans2.1.12Validation & Sanitation2.1.13Authentication & Contingencies
2.2

Programming

2.2.1Programming Fundamentals - Variables & Constants2.2.2Programming Fundamentals - Comments2.2.3Programming Fundamentals - Input & Output2.2.4Data Types2.2.5Casting2.2.6Controlling Program Flow - Sequence2.2.7Controlling Program Flow - Selection2.2.8Controlling Program Flow - Iteration2.2.9Modularity - Subroutines2.2.10Modularity - Scope2.2.11Arrays
2.3

Databases

2.3.1Structuring Data - Records2.3.2Structuring Data - Databases2.3.3SQL
2.4

Boolean Logic

2.4.1Binary Systems2.4.2Logic Circuits2.4.3Truth Tables2.4.4Evaluating Expressions2.4.5Boolean Operators2.4.6End of Topic Test - Logic

Practice questions on Structured Query Language (SQL) Injection

Can you answer these? Test yourself with free interactive practice on Seneca — used by over 10 million students.

  1. 1
    What type of cyberattack is Structured Query Language (SQL) injection?Multiple choice
  2. 2
    A Structured Query Language (SQL) Injection AttackPut in order
  3. 3
    How does input validation protect against Structured Query Language (SQL) injection?Multiple choice
Answer all questions on Structured Query Language (SQL) Injection

Unlock your full potential with Seneca Premium

  • Unlimited access to 10,000+ open-ended exam questions

  • Mini-mock exams based on your study history

  • Unlock 800+ premium courses & e-books

Get started with Seneca Premium

Information Security

Firewalls