Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GAQM Exam CFA-001 Topic 1 Question 74 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 74
Topic #: 1
[All CFA-001 Questions]

Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.

Identify the attack referred.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Louvenia at Dec 12, 2023, 01:11 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Lashanda
1 months ago
Wow, someone really needs to clean up their URL. '/etc/passwd'? That's just asking for trouble!
upvoted 0 times
...
Felicia
2 months ago
File injection, eh? That's a creative guess, but I think the 'dot-dot-slash' clue gives it away as a directory traversal attack.
upvoted 0 times
Raina
3 days ago
A) Directory traversal
upvoted 0 times
...
Leigha
21 days ago
You're right, the 'dot-dot-slash' clue is a giveaway for directory traversal.
upvoted 0 times
...
Azalee
22 days ago
B) SQL Injection
upvoted 0 times
...
Tien
26 days ago
You're right, it's a directory traversal attack.
upvoted 0 times
...
Norah
1 months ago
A) Directory traversal
upvoted 0 times
...
Kaycee
1 months ago
A) Directory traversal
upvoted 0 times
...
...
Amina
2 months ago
XSS? Come on, this is all about accessing sensitive files, not injecting code into a webpage.
upvoted 0 times
...
Mitzie
2 months ago
Haha, nice try with the SQL injection option, but this is clearly about navigating the file system, not the database.
upvoted 0 times
Ethan
1 months ago
B) SQL Injection
upvoted 0 times
...
Ethan
1 months ago
A) Directory traversal
upvoted 0 times
...
Victor
1 months ago
B) SQL Injection
upvoted 0 times
...
Victor
2 months ago
A) Directory traversal
upvoted 0 times
...
...
Devorah
2 months ago
I'm not sure, but I think it could also be File injection.
upvoted 0 times
...
Celestina
2 months ago
Definitely directory traversal! Those dot-dot-slash sequences are a classic giveaway.
upvoted 0 times
Caitlin
20 days ago
It's a common technique to access unauthorized files.
upvoted 0 times
...
Stefan
1 months ago
A) Directory traversal
upvoted 0 times
...
Loreta
1 months ago
Yes, attackers use those sequences to navigate through directories.
upvoted 0 times
...
Nakisha
2 months ago
A) Directory traversal
upvoted 0 times
...
...
Nana
2 months ago
I agree with Tommy, because the example given involves manipulating file paths.
upvoted 0 times
...
Tommy
2 months ago
I think the attack referred is Directory traversal.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77