John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i. What does this event log indicate?
p.448
To perform this type of attack, absolute or relative path traversal characters like /,.../, or its encoded versions %2f, %2e%2e%2f, or %2e%2e/ are used to compromise the path. To detect such type of vulnerabilities, set an alert on pattern matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i
This section is not available anymore. Please use the main Exam Page.312-39 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Berro_b
1 week, 2 days agoayisuska
10 months, 2 weeks agoMan_San
1 year agovjvirus
1 year, 3 months agoBocktw
1 year, 4 months agoThiha
1 year, 4 months ago