U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA CS0-003 Exam - Topic 3 Question 61 Discussion

A security analyst noticed the following entry on a web server log:Warning: fopen (http://127.0.0.1:16) : failed to open stream:Connection refused in /hj/var/www/showimage.php on line 7Which of the following malicious activities was most likely attempted?
C) SSRF
A) XSS
B) CSRF
D) RCE

CompTIA CS0-003 Exam - Topic 3 Question 61 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 61
Topic #: 3
[All CS0-003 Questions]

A security analyst noticed the following entry on a web server log:

Warning: fopen (http://127.0.0.1:16) : failed to open stream:

Connection refused in /hj/var/www/showimage.php on line 7

Which of the following malicious activities was most likely attempted?

Show Suggested Answer Hide Answer
Suggested Answer: C

The malicious activity that was most likely attempted is SSRF (Server-Side Request Forgery). This is a type of attack that exploits a vulnerable web application to make requests to other resources on behalf of the web server. In this case, the attacker tried to use the fopen function to access the local loopback address (127.0.0.1) on port 16, which could be a service that is not intended to be exposed to the public. The connection was refused, indicating that the port was closed or filtered. Reference: CompTIA CySA+ Study Guide: Exam CS0-003, 3rd Edition, Chapter 2: Software and Application Security, page 66.


Contribute your Thoughts:

0/2000 characters

Currently there are no comments in this discussion, be the first to comment!


Save Cancel