A security manager looked at various logs while investigating a recent security breach in the data center from
an external source. Each log below was collected from various security devices compiled from a report through
the company’s security information and event management server.
Logs: Log 1:
Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets
Log 2:
HTTP://www.company.com/index.php?user=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Log 3:Security Error Alert
Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has
disconnected the client
Log 4:
Encoder oe = new OracleEncoder ();
String query = “Select user_id FROM user_data WHERE user_name = ` ” + oe.encode ( req.getParameter
(“userID”) ) + ” ` and user_password = ` ” + oe.encode ( req.getParameter(“pwd”) ) +” ` “;
Vulnerabilities Buffer overflow SQL injection ACL
XSS
Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select
TWO).

A.
Log 1

B.
Log 2

C.
Log 3

D.
Log 4

E.
Buffer overflow

F.
ACL

G.
XSS

H.
SQL injection