[&] What is the first step in the SQL injection testing methodology discussed in the video?
- Conducting advanced testing
- Entry point detection
- Performing automated scans
- Validating the vulnerability

[&] Which of the following would be considered an example of basic SQL injection payload testing?
-  UNION SELECT username, password FROM users--
-  OR '1'='1
-  UNION SELECT NULL, NULL--
-  AND SLEEP(5)--

[&] Why is it important to identify the type of RDBMS being used during SQL injection testing?
- To ensure the payload is compatible with the specific RDBMS
- Because all SQL keywords work universally across RDBMSs
- To ensure faster query processing
- Because some RDBMSs use different query languages

[&] What is the main goal of error-based SQL injection testing?
- To execute commands on the operating system via SQL injection
- To test the application's response time
- To determine the structure of database tables
- To cause SQL syntax errors and reveal database information

[&] How can you test for time-based SQL injection vulnerabilities?
- By examining network traffic for anomalies
- By using statements that induce a delay such as 'sleep(10)'
- By checking if the server restarts after injection
- By analyzing error messages returned by the database

[&] What role do automated tools like SQLMap play in SQL injection testing?
- They are used to validate user input for secure SQL queries
- They replace the need for manual testing entirely
- They automate the construction of secure queries
- They validate findings and check for false positives