Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GAQM Exam CFA-001 Topic 1 Question 74 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 74
Topic #: 1
[All CFA-001 Questions]

Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.

Identify the attack referred.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Louvenia at Dec 12, 2023, 01:11 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Felicia
2 days ago
File injection, eh? That's a creative guess, but I think the 'dot-dot-slash' clue gives it away as a directory traversal attack.
upvoted 0 times
...
Amina
8 days ago
XSS? Come on, this is all about accessing sensitive files, not injecting code into a webpage.
upvoted 0 times
...
Mitzie
14 days ago
Haha, nice try with the SQL injection option, but this is clearly about navigating the file system, not the database.
upvoted 0 times
...
Devorah
18 days ago
I'm not sure, but I think it could also be File injection.
upvoted 0 times
...
Celestina
18 days ago
Definitely directory traversal! Those dot-dot-slash sequences are a classic giveaway.
upvoted 0 times
...
Nana
22 days ago
I agree with Tommy, because the example given involves manipulating file paths.
upvoted 0 times
...
Tommy
25 days ago
I think the attack referred is Directory traversal.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77