CompTIA
PT0-001 · Question #145
PT0-001 Question #145: Real Exam Question with Answer & Explanation
The correct answer is C: Directory traversal attack.
Question
Given the following: Which of the following BEST describes the above attack?
Options
- A. Malicious file upload attack
- B. Redirect attack
- C. Directory traversal attack
- D. Insecure direct object reference attack
Explanation
This question references an attack shown in an omitted image or code snippet. Based on the correct answer, it depicts a directory traversal attack using path sequences to access restricted server files.
Common mistakes.
- A. A malicious file upload attack involves uploading dangerous files such as web shells to gain execution on the server, not manipulating path inputs to traverse the file system.
- B. A redirect attack tricks a web application into forwarding users to a malicious external URL, which is unrelated to navigating server directories via path sequences.
- D. An insecure direct object reference (IDOR) attack manipulates identifiers like numeric record IDs in requests to access unauthorized data objects, not file system paths.
Concept tested. Directory traversal path sequence file system attack
Reference. https://owasp.org/www-community/attacks/Path_Traversal