Exam 212-89 Topic 1 Question 60 Discussion

Actual exam question for EC-COUNCIL's 212-89 exam
Question #: 60
Topic #: 1
An organization implemented an encoding technique to eradicate SQL injection attacks. In this technique, if a user submits a request using a single quote and some values, then the encoding technique will convert it into numeric digits and letters ranging from a to f. This prevents the user request from performing an SQL injection attempt on the web application.
Identify the encoding technique used by the organization.

Suggested Answer: C

Hex encoding (also known as hexadecimal encoding) involves converting binary data into hexadecimal representation. In the context described, when a user submits a request with potentially malicious input (such as a single quote and other characters in an attempt to perform SQL injection), the encoding technique converts this input into a string of hexadecimal digits (ranging from 0 to 9 and A to F). This prevents the direct interpretation of the input as SQL commands by the database, thereby mitigating the risk of SQL injection attacks. This method is a form of input sanitization that helps ensure that user input cannot be used to manipulate database queries directly.
References: The use of hex encoding as a technique to prevent SQL injection attacks is discussed in the ECIH v3 course materials. This includes an explanation of how encoding user input can protect web applications from injection and other forms of attacks by ensuring that inputs are treated as data rather than executable code.

by Troy at Jun 02, 2025, 07:24 AM
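
The behaviour described in the explanation above, as an added example that is not part of the original page or the ECIH course materials: the same lookup run with raw string concatenation, with the input hex-encoded into a SQLite `X'..'` literal, and with a bound parameter. The table, the function names and the sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, in-memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user")])
    return db

def hex_encode(value):
    """Return the UTF-8 bytes of value as hex digits (0-9, a-f)."""
    return value.encode("utf-8").hex()

def lookup_concat(db, name):
    # Baseline without encoding: the input becomes part of the SQL text,
    # so a single quote in it ends the string literal early.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_hex(db, name):
    # Hex-encoded: only [0-9a-f] reaches the SQL text, so the literal
    # cannot be closed by the input. SQLite decodes X'..' back to bytes
    # and CAST turns those bytes into text for the comparison.
    sql = ("SELECT name FROM users WHERE name = CAST(X'"
           + hex_encode(name) + "' AS TEXT)")
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, name):
    # Bound parameter: the value never enters the SQL text at all.
    return [row[0] for row in db.execute(
        "SELECT name FROM users WHERE name = ?", (name,))]

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"   # constructed input containing single quotes
    print("hex form      :", hex_encode(crafted))
    print("concatenated  :", lookup_concat(db, crafted))
    print("hex-encoded   :", lookup_hex(db, crafted))
    print("parameterized :", lookup_param(db, crafted))
    print("normal lookup :", lookup_hex(db, "alice"))
```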
