300-215 Question #14: Real Exam Question with Answer & Explanation

The correct answer is C: brute-force attack against directories and files on the target webserver. The alert clearly identifies ET SCAN DirBuster Web App Scan in Progress, referencing SID 2008186, which is a Snort signature that specifically detects DirBuster activity. DirBuster is a well- known tool used for brute-forcing hidden directories and files on web servers. The Cisco

Submitted by anjalisingh· Mar 6, 2026Forensics Techniques

Question

Refer to the exhibit. According to the SNORT alert, what is the attacker performing?

Options

Abrute-force attack against the web application user accounts
BXSS attack against the target webserver
Cbrute-force attack against directories and files on the target webserver
DSQL injection attack against the target webserver

Explanation

The alert clearly identifies ET SCAN DirBuster Web App Scan in Progress, referencing SID 2008186, which is a Snort signature that specifically detects DirBuster activity. DirBuster is a well- known tool used for brute-forcing hidden directories and files on web servers. The Cisco CyberOps Associate guide and OWASP both identify directory brute-forcing as a reconnaissance technique to find unprotected or misconfigured endpoints on web applications, typically prior to launching deeper attacks.

Topics

#SNORT#IDS alert#web enumeration#directory brute-force

Community Discussion

No community discussion yet for this question.

Full 300-215 Practice Browse All 300-215 Questions