ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 323 discussion

Actual exam question from CompTIA's CAS-004
Question #: 323
Topic #: 1
[All CAS-004 Questions]

A network administrator who manages a Linux web server notices the following traffic:

http://comptia.org/../../../../etc/shadow

Which of the following is the BEST action for the network administrator to take to defend against this type of web attack?

  • A. Validate the server certificate and trust chain.
  • B. Validate the server input and append the input to the base directory path.
  • C. Validate that the server is not deployed with default account credentials.
  • D. Validate that multifactor authentication is enabled on the server for all user accounts.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by CXSSP at Sept. 10, 2023, 11:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CXSSP
Highly Voted 1 year, 8 months ago
Selected Answer: B
B. Validate the server input and append the input to the base directory path. The provided URL http://comptia.org/../../../../etc/shadow suggests a directory traversal attack attempt. The attacker is trying to navigate to sensitive system files by using "../" to traverse up the directory structure. To defend against this type of attack, the network administrator should validate the server input. By doing so, the administrator can ensure that user input is properly sanitized and does not allow navigation outside of the intended directory structure.
upvoted 6 times
b49eb27
1 year, 1 month ago
I agree with the first part, but since this is a directory traversal attack, why would ewe append input to the base directory path? That does not make any sense to me
upvoted 1 times
saucehozz
1 year ago
Imagine a secret fort. You tell friends the entrance code (server security). But a trickster might try sneaky directions (directory traversal). To stop them, you give a special starting point everyone must say first (base directory path). This way, they can only reach allowed areas (authorized files).
upvoted 1 times
...
...
...
f7bc9da
Most Recent 2 weeks, 4 days ago
Selected Answer: C
B *seems* right until you think about it. Why would traversing from "comptia.org/new/default/path" be any harder than from "comptia.org/"? The new path does not imply any additional controls in place to actually prevent or mitigate the attack. C on the other hand implies that even if the directory traversal occurs, there are no default credentials and therefore the attacker must still provide credentials
upvoted 1 times
...
EAlonso
10 months, 2 weeks ago
B. is the opposite of need to do, but guessing "validate" could mean "sanitize" then... Definitions of "validate" verb: check or prove the validity or accuracy of (something),
upvoted 1 times
...
b49eb27
1 year, 1 month ago
Selected Answer: C
I'm going with C on this one. B sounds plausible until you read the rest. This is a directory path attack, why would you want to append anything to the base directory? I'm choosing C over D because MFA may not directly address the issue of directory traversal attacks or other malicious activity targeting the web server. MFA is effective in protecting against credential-based attacks, such as password guessing or phishing, but it may not prevent attacks that exploit vulnerabilities in the web server or its applications.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel