EC-Council
412-79V8 Question #104: Real Exam Question with Answer & Explanation
Question
A directory traversal (or path traversal) attack consists of exploiting insufficient security validation/sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs. The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code. To perform a directory traversal attack, which sequence does a pen tester need to follow to manipulate variables that reference files?
Options
- A. dot-dot-slash (../) sequence
- B. Denial-of-Service sequence
- C. Brute force sequence
- D. SQL Injection sequence
