PrepAway - Latest Free Exam Questions & Answers

Which of the following attacks is being attempted?

An administrator discovers the following log entry on a server:
Nov 12 2013 00:23:45 httpd[2342]: GET /app2/prod/proc/process.php?input=change;cd
%20../../../etc;cat%20shadow
Which of the following attacks is being attempted?

PrepAway - Latest Free Exam Questions & Answers

A.
Command injection

B.
Password attack

C.
Buffer overflow

D.
Cross-site scripting

3 Comments on “Which of the following attacks is being attempted?

    1. Mike says:

      Explanation: In this case a command was entered, and the attacker was attempting
      to gain access to the password file within the /etc directory. If the
      attacker tried to inject code, they would not use commands, but rather PHP,
      ASP, or another language. SQL injections are usually run on databases, not
      web servers’ HTML forms. Buffer overflows have to do with memory and how
      applications utilize it.

      A- Command Injection




      4



      0
  1. MikeM7 says:

    When I took Sec + in 2013, I spent a week memorizing 300 questions and 20 or so port numbers, and aced the exam first try. This time around it seems like there are no good resources, no valid dumps, and everywhere I try to do practice questions I can’t even trust the answers to be correct… what happened?? I’ve been cramming for 3 weeks now and still don’t feel ready. Should have just jumped through the hoops for CEU’s… at the time, that seemed like more effort than just retesting. Appears I was mistaken.




    5



    0

Leave a Reply