CompTIACompTIA
SY0-701 · Question #430
SY0-701 Question #430: Real Exam Question with Answer & Explanation
The correct answer is A: A web shell has been deployed to the server through the page.. The shell would allow the attacker to gain unauthorized access and control over the server.
Submitted by kwame.gh· Mar 6, 2026Threats, vulnerabilities, and mitigations
Question
A company web server is initiating outbound traffic to a low-reputation, public IP on non-standard pat. The web server is used to present an unauthenticated page to clients who upload images the company. An analyst notices a suspicious process running on the server hat was not created by the company development team. Which of the following is the most likely explanation for his security incident?
Options
- AA web shell has been deployed to the server through the page.
- BA vulnerability has been exploited to deploy a worm to the server.
- CMalicious insiders are using the server to mine cryptocurrency.
- DAttackers have deployed a rootkit Trojan to the server over an exposed RDP port.
Explanation
The shell would allow the attacker to gain unauthorized access and control over the server.
Community Discussion
No community discussion yet for this question.