CS0-003 Question #647: Real Exam Question with Answer & Explanation
The correct answer is D: Directory traversal was performed to obtain a sensitive file for further reconnaissance.
Question
An analyst reviews the following web server log entries:

%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd

No attacks or malicious attempts have been discovered. Which of the following most likely describes what took place?
Options
- A. A SQL injection query took place to gather information from a sensitive file.
- B. A PHP injection was leveraged to ensure that the sensitive file could be accessed.
- C. Base64 was used to prevent the IPS from detecting the fully encoded string.
- D. Directory traversal was performed to obtain a sensitive file for further reconnaissance.
Explanation
The log entry shows URL-encoded sequences (%2E%2E) representing “..”, which is characteristic of a directory traversal attempt. This technique is used to access files such as /etc/passwd for reconnaissance. Even if unsuccessful, the pattern clearly indicates a traversal