nerdexam
EC-Council

312-49V11 · Question #132

312-49V11 Question #132: Real Exam Question with Answer & Explanation

The correct answer is A. Apache modules: To uncover extended functionalities that may have been tampered with. Apache request processing behavior is commonly extended or altered through dynamically loaded modules (e.g., mod_security, mod_rewrite, custom modules). If HTTP.REQUEST handling appears changed, examining loaded/added/modified modules is the most direct way to find injected funct

Question

A multinational company has recently fallen victim to a severe cyberattack. As part of the incident response team, you are analyzing the Apache web server logs to track the attacker s activities. You notice that modifications are made to the HTTP.REQUEST component of the Apache core, suggesting changes in request handling. To discern the type of modifications made, which of the following elements of the Apache web server architecture would you focus on examining?

Options

  • AApache modules: To uncover extended functionalities that may have been tampered with
  • Bhttp_protocol module: To identify the client and server data exchange details
  • Chttp_config module: To check alterations in configuration files and modules management
  • Dhttp_main module: To identify server startups and timeouts

Explanation

Apache request processing behavior is commonly extended or altered through dynamically loaded modules (e.g., mod_security, mod_rewrite, custom modules). If HTTP.REQUEST handling appears changed, examining loaded/added/modified modules is the most direct way to find injected functionality or tampering that affects request flow.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-49V11 Practice