linkedin
5910 Breckenridge Pkwy Suite B, Tampa, FL. 33610
(800) 272-0707
support@lambers.com

SkillSoft Explore Course

BUY NOW! STARTING AT ONLY $299!
Certification     EC-Council     Certified Ethical Hacker (CEH)     Certified Ethical Hacker (CEH) v11

Many web applications store data in a back-end database and the data is then retrieved as the end user requests it from the front end. This process can allow for end-user injection of SQL queries, revealing sensitive data to the unauthorized attacker. In this course, you'll learn about SQL injection, including attack types, tools, security controls, and defense evasion techniques. Next, you'll explore error-based SQLi and how to test for and exploit this common SQLi vulnerability. SQL injections can be used to gain access to sensitive information or even allow access into a remote system, but they aren't always easily executed. To complete this course, you'll learn about blind-based SQLi methods and how to use them to access sensitive information on a remote system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

Asset ID it_spceh11tv_35_enus
Course Type Video Course
Course Category EC-Council
Objectives

CEHv11: SQL Injection Concepts & Attacks

  • describe how to find spots where SQL Injection could be attempted against a web application that stores and delivers data
  • identify the type of SQL injection attack used gain web applications that store and deliver data
  • recognize the security controls and defenses that can be used to prevent SQL Injection attacks
  • recognize the types of SQL injection attacks
  • describe how error-based SQLi can be tested for
  • Identify ways to exploit SQLi vulnerabilities
  • recognize how to use error-based SQLi to enumerate the database
  • describe the time-based blind SQLi method that can be used to access information on a remote system
  • recognize the types of blind-based SQLi that can be used to access sensitive information