
312-50V13 Question #248: Real Exam Question with Answer & Explanation


Submitted by skyler.x · Mar 6, 2026 · Hacking Web Applications

Question

Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url=externalsite.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server. What is the type of attack Jason performed in the above scenario?

Options

  • A. Website defacement
  • B. Server-side request forgery (SSRF) attack
  • C. Web server misconfiguration
  • D. Web cache poisoning attack

Explanation

Option B is correct because Jason manipulated the web server into making requests on his behalf by altering the URL parameter to point to localhost, allowing him to access internal resources (backend servers) that would otherwise be blocked by the firewall. This is the textbook definition of Server-Side Request Forgery (SSRF). Option A (website defacement) is wrong because that attack involves visually altering a website's appearance, which Jason never did. Option C (web server misconfiguration) is incorrect because it describes a vulnerability state, not an active attack technique involving URL manipulation. Option D (web cache poisoning) is wrong because that attack involves corrupting cached web content to serve malicious responses to other users, which is unrelated to forging internal server requests.

🧠 Memory Tip:

Think of SSRF = "Sneaky Server Request Forwarding" - the attacker tricks the server into making requests to internal/restricted resources on their behalf, essentially using the server as a proxy to bypass firewalls. If you see URL manipulation pointing to localhost or internal IPs, think SSRF.

Topics

#SSRF #Server-Side Request Forgery #Web application vulnerability #Internal network access
