CompTIA Exam PT0-002 Topic 1 Question 40 Discussion

Actual exam question for CompTIA's PT0-002 exam

Question #: 40
Topic #: 1

During an assessment, a penetration tester manages to exploit an LFI vulnerability and browse the web log for a target Apache server. Which of the following steps would the penetration tester most likely try NEXT to further exploit the web server? (Choose two.)

ACross-site scripting

BServer-side request forgery

CSQL injection

DLog poisoning

ECross-site request forgery

FCommand injection

Show Suggested Answer

Suggested Answer: C

by Lavonna at Apr 20, 2023, 03:01 PM

Limited Time Offer

25%

Off

Get Premium PT0-002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Allene

16 days ago

Woah, hold on a second! Didn't they teach us about ethical hacking in this course? I better stick to the textbook answers like CSRF and SSRF. No need to go overboard with the evil stuff, am I right?

upvoted 0 times

...

Rene

29 days ago

Oh man, this is like a hacker's dream come true! I'm definitely going to try log poisoning and command injection. Imagine what kind of mayhem I could unleash on that poor Apache server!

upvoted 0 times

Lelia

7 hours ago

User 2: Yeah, and we can also try command injection to really wreak havoc on the server.

upvoted 0 times

...

Denise

1 days ago

User 1: Log poisoning sounds like a good idea. Let's mess with those logs.

upvoted 0 times

...

Nikita

1 months ago

I think SQL injection and cross-site scripting would be more interesting to explore. Who needs logs when you can manipulate the database or steal user sessions?

upvoted 0 times

...