Cisco Exam 300-215 Topic 5 Question 49 Discussion

Actual exam question for Cisco's 300-215 exam

Question #: 49
Topic #: 5

[All 300-215 Questions]

Refer to the exhibit.

Which two determinations should be made about the attack from the Apache access logs? (Choose two.)

AThe attacker used r57 exploit to elevate their privilege.

BThe attacker uploaded the word press file manager trojan.

CThe attacker performed a brute force attack against word press and used sql injection against the backend database.

DThe attacker used the word press file manager plugin to upoad r57.php.

EThe attacker logged on normally to word press admin page.

Show Suggested Answer

Suggested Answer: A

by Cordelia at Nov 21, 2022, 03:14 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lynda

3 days ago

I love how the question is trying to trick us with those answer choices. Gotta stay on our toes for these tricky certification exams, am I right? *chuckles*

upvoted 0 times

...

Allene

7 days ago

Definitely not E! Logging in normally to the admin page is not an 'attack' per se. The logs point to more sophisticated attempts to compromise the system.

upvoted 0 times

...

Ryan

11 days ago

D looks promising too. The file manager plugin could have been used to upload the r57.php shell. But I agree B and C are the best choices based on the information provided.

upvoted 0 times

...

Carmela

13 days ago

I think the correct answers are B and C. The access logs show clear signs of a WordPress attack, including attempted SQL injection and uploading of a malicious file.

upvoted 0 times

...