Answer: Command injection and directory traversal attempts
Directory traversal is when an attacker uses the software on a web server to access data in a directory other than the server's root directory. If the attempt is successful, the threat actor can view restricted files or execute commands on the server.
Command injection is an attack that involves executing commands on a host. Typically, the threat actor injects the commands by exploiting an application vulnerability, such as insufficient input validation.
The attacker is attempting to traverse the directory of the host and execute the cat command which could be used to print the contents of a file.
The log entries show attempts to perform command injection and directory traversal attacks. In a command injection attack, the attacker tries to execute arbitrary commands on the target system by injecting malicious input into the application. In this case, the GET requests in the log entries include sequences like "../../../../../../etc/passwd" and "../../../../../../etc/shadow," which are attempts to traverse directories and access sensitive files on the system.
Directory traversal attacks are an attempt to access files and directories that are outside of the web application's intended directory structure. By using "../" sequences, the attacker tries to navigate to parent directories and access files that should not be publicly accessible.
The log entries suggest command injection and directory traversal attempts. The attacker is attempting to execute commands on the web server by entering special characters, such as semicolons and forward slashes, in the input fields. They are also trying to access directories outside of the web root by using "../" in the URI. Therefore, the correct answer is C.
This section is not available anymore. Please use the main Exam Page.SY0-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
stoneface
Highly Voted 2 years, 8 months agoScottT
2 years, 8 months agoVendorPTS
2 years, 7 months agorodwave
Highly Voted 2 years, 6 months agoSoleandheel
Most Recent 1 year, 6 months agoProtract8593
1 year, 9 months agoYawannawanka
2 years agoJ_Ark1
2 years, 6 months agoJossie_C
2 years, 6 months agoSandon
2 years, 3 months agoProtract8593
1 year, 9 months agoRonWonkers
2 years, 7 months agocomeragh
2 years, 8 months ago