CompTIA Exam Questions

Which of the following application attacks is used against a corporate directory service where there

Which of the following application attacks is used against a corporate directory service where
there are unknown servers on the network?

Rogue access point

Zero day attack

Packet sniffing

LDAP injection

A directory service is accessed by using LDAP (Lightweight Directory Access
Protocol). LDAP injection is an attack against a directory service.
Just as SQL injection attacks take statements that are input by users and exploit weaknesses
within, an LDAP injection attack exploits weaknesses in LDAP (Lightweight Directory Access
Protocol) implementations. This can occur when the user’s input is not properly filtered, and the
result can be executed commands, modified content, or results returned to unauthorized queries.
The best way to prevent LDAP injection attacks is to filter the user input and to use a validation
scheme to make certain that queries do not contain exploits.
One of the most common uses of LDAP is associated with user information. Numerous
applications exist—such as employee directories—where users find other users by typing in a
portion of their name. These queries are looking at the cn value or other fields (those defined for
department, home directory, and so on). Someone attempting LDAP injection could feed
unexpected values to the query to see what results are returned. All too often, finding employee
information equates to finding usernames and values about those users that could be portions of
their passwords.