Exam SY0-601 topic 1 question 363 discussion

Actual exam question from CompTIA's SY0-601
Question #: 363
Topic #: 1

A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicate a directory traversal attack has occurred. Which of the following is the analyst MOST likely seeing?

  • A. http://sample.url.com/
  • B. http://sample.url.com/someotherpageonsite/../../../etc/shadow
  • C. http://sample.url.com/select-from-database-where-password-null
  • D. http://redirect.sameple.url.sampleurl.com/malicious-dns-redirect
Suggested Answer: B

Comments

Danzix
Highly Voted 2 years, 4 months ago
Selected Answer: B
According to Dion Training, whenever you see "../../../../..", it is directory traversal.
upvoted 15 times
...
Pesos
Most Recent 1 year, 2 months ago
Remember D equals D. Directory... Dots../../..
upvoted 1 times
...
subaie503
1 year, 4 months ago
../../../../.../../../../.../../../../.../../../../.../../../../.
upvoted 3 times
...
Teleco0997
1 year, 7 months ago
Selected Answer: B
I just glanced over the answers before reading the question and automatically knew it was going to be something about directories. We are well trained :')
upvoted 2 times
...
Selected Answer: B
This URL indicates a directory traversal attack, also known as path traversal or directory climbing attack. In this attack, the attacker tries to access files or directories outside of the web server's intended directory structure by manipulating the URL. The ".." sequences are used to navigate up the directory hierarchy and potentially reach sensitive files or directories. By including "../" multiple times, the attacker attempts to traverse back to the root directory ("/") and then access the "/etc/shadow" file, which typically stores encrypted password hashes on Unix-like systems. This is a common target for attackers as it may contain valuable information that can be used for further exploitation.
upvoted 4 times
...
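An added example, not part of the original discussion or any commenter's post: a log check that flags a request only when its ".." segments climb above the web root, so option B is reported while a benign in-site ".." is not. The log lines, the IP address, the regex and the function names are constructed for illustration; the example also goes beyond the question by decoding percent-encoded dots.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample lines in Common Log Format; the request paths reuse the
# four answer options from the question, plus two constructed extras.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512
203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /someotherpageonsite/../../../etc/shadow HTTP/1.1" 404 0
203.0.113.5 - - [01/Jan/2024:10:00:02 +0000] "GET /select-from-database-where-password-null HTTP/1.1" 404 0
203.0.113.5 - - [01/Jan/2024:10:00:03 +0000] "GET /malicious-dns-redirect HTTP/1.1" 302 0
203.0.113.5 - - [01/Jan/2024:10:00:04 +0000] "GET /docs/img/../index.html HTTP/1.1" 200 900
203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /static/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 400 0
"""

REQUEST_RE = re.compile(r'"(?:[A-Z]+) (\S+) HTTP/[\d.]+"')

def fully_decode(path, max_rounds=3):
    """Percent-decode repeatedly so double-encoded dots are also exposed."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def escapes_web_root(target):
    """Return True if the path's '..' segments climb above the web root."""
    path = fully_decode(urlsplit(target).path).replace("\\", "/")
    depth = 0  # number of directories below the web root at this point
    for segment in path.split("/"):
        if segment == "..":
            depth -= 1
            if depth < 0:  # one more '..' than directories entered
                return True
        elif segment not in ("", "."):
            depth += 1
    return False

def find_traversal(log_text):
    """Return the request targets in log_text that escape the web root."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if match and escapes_web_root(match.group(1)):
            hits.append(match.group(1))
    return hits
```

Tracking depth rather than matching the string "../" is what separates `/docs/img/../index.html`, which stays inside the site, from option B, which steps one level above the root before naming `/etc/shadow`.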
Jibz18
2 years, 4 months ago
Selected Answer: B
Should be B
upvoted 2 times
...
sdc939
2 years, 4 months ago
Selected Answer: B
B. http://sample.url.com/someotherpageonsite/../../../etc/shadow
upvoted 2 times
...
sdc939
2 years, 4 months ago
B. http://sample.url.com/someotherpageonsite/../../../etc/shadow
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other