Monday, September 19, 2016

Client-Side and Transitive Access Attacks

Do you understand client-side and transitive access attacks? Can you answer this sample Security+ question?

 Q. Your organization hosts a web site within a DMZ and the web site accesses a database server in the internal network. ACLs on firewalls prevent any connections to the database server except from the web server. Database fields holding customer data are encrypted and all data in transit between the web site server and the database server are encrypted. Which of the following represents the GREATEST risk to the data on the server?

    A. Theft of the database server
    B. XML injection
    C. SQL injection
    D. Sniffing

Moreover, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available here.