We all learn about the web application attack known as SQL Injection in the study guides, but a very few of us (me included!) actually have seen it performed. I thought I'd share this SQL Injection demonstration in hopes that it helps some of you actually visualize what the books are talking about. First we'll go over some quick facts about SQL Injection:
Say a truck driver has to go from New York to California with multiple stops in between.
When he reaches California, suppose he missed a stop in Las Vegas, Nevada? He would not be able to drive back to Nevada, but rather drive ALL the way back to New York and then continue onto Nevada.
The Waterfall model is not iterative, as in, it does not allow a return to previous steps.
Remember these three things for the CISSP exam in regards to the Waterfall Model:
The process is linear
It does not allow programmers to go back a step
It is does not work for complicated and detailed projects, maybe smaller projects