ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 264 discussion

Actual exam question from CompTIA's SY0-601
Question #: 264
Topic #: 1
[All SY0-601 Questions]

A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After using a tool, the administrator obtains the following output:



Which of the following attacks was successfully implemented based on the output?

  • A. Memory leak
  • B. Race conditions
  • C. SQL injection
  • D. Directory traversal
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Thapas at Oct. 17, 2022, 9:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ApplebeesWaiter1122
Highly Voted 1 year, 11 months ago
Selected Answer: D
./././
upvoted 21 times
Dima1993
1 year, 2 months ago
am I blind??? I dint see "./././" on the image only :/ but that is not a directory traversal it is a memory leak. Maybe I am just blind
upvoted 3 times
...
[Removed]
1 year, 7 months ago
U are the best. Little secrets matters
upvoted 3 times
...
...
Thapas
Highly Voted 2 years, 8 months ago
Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files
upvoted 17 times
...
CanBaB
Most Recent 1 year, 7 months ago
Directory traversal. Output is part of /etc/passwd
upvoted 1 times
...
frankokabbb
2 years, 3 months ago
Selected Answer: D
Directory traversal is . or / and SQL is 1=1 7OR7
upvoted 10 times
...
FMMIR
2 years, 7 months ago
Selected Answer: D
Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files
upvoted 3 times
...
Sir_Learnalot
2 years, 7 months ago
Selected Answer: D
For this looks like the output of a successfull directory traversal attack. The attacker was able to view the output of the the /etc/passwd file on a linux server (that would look something like the presented output here).
upvoted 4 times
...
comeragh
2 years, 7 months ago
Selected Answer: D
D - directory traversal. SQLi is 1=1 or 0=0 for example not 1:1.
upvoted 5 times
...
ankit_1606
2 years, 7 months ago
J_Ark1, SQL injection is ' OR '1'='1. Source: Wikipedia
upvoted 1 times
...
J_Ark1
2 years, 7 months ago
Selected Answer: C
"1:1" - SQL injection correct me if im wrong
upvoted 1 times
NerdAlert
2 years, 3 months ago
if you see 1=1 as a check within a query, it is a good indicator. SQL pulls queries on databases, and if you ask to show you everything where 1 = 1, 1 always = 1 so it will show you everything. The "=" is important. And shut up Sandon!
upvoted 8 times
...
HCM1985
1 year, 10 months ago
The 1:1 you're seeing are UID and GID for the Linux user.
upvoted 2 times
...
Sandon
2 years, 5 months ago
That ain't it
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel