Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-39 Exam - Topic 10 Question 24 Discussion

Actual exam question for Eccouncil's 312-39 exam
Question #: 24
Topic #: 10
[All 312-39 Questions]

Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((\%3C)|<)((\%69)|i|(\% 49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)/|.

What does this event log indicate?

Show Suggested Answer Hide Answer
Suggested Answer: C

%253C)%7C<)((%5C%2569)%7Ci%7C(%5C%2549))((%5C%256D)%7Cm%7C(%5C%254D))((%5C% 2567)%7Cg%7C(%5C%2547))%5B%5E%5Cn%5D%2B((%5C%253E)%7C>)/%

7C&source=bl&ots=kOBHNfJmtq&sig=ACfU3U2CG_hELc1HMb1chdc9OS4ooXPlMg&hl=en&sa=X&ved=2ah UKEwjYwJmlt_buAhUFShUIHTBNAs8Q6AEwBXoECAUQAw#v=onepage&q&f=false

by Belen at May 05, 2022, 05:52 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Paris
5 months ago
Regex patterns like that usually indicate parameter tampering.
upvoted 0 times
...
Ahmed
6 months ago
Wait, are we sure about that? Looks suspicious.
upvoted 0 times
...
Lauran
6 months ago
Totally agree, it's XSS for sure!
upvoted 0 times
...
Marya
6 months ago
I thought it was SQL injection at first.
upvoted 0 times
...
Stefania
6 months ago
That's definitely an XSS attack.
upvoted 0 times
...
Yaeko
6 months ago
I’m a bit confused, but I recall that directory traversal usually involves file paths, so I don’t think that’s it either.
upvoted 0 times
...
Lashon
6 months ago
This seems familiar; I practiced a question on parameter tampering, but I don’t think that fits here.
upvoted 0 times
...
Natalie
6 months ago
I'm not entirely sure, but I remember something about regex patterns being used for SQL injections too.
upvoted 0 times
...
Lea
6 months ago
I think this regex looks like it’s trying to match HTML tags, which makes me lean towards an XSS attack.
upvoted 0 times
...
Johnathon
6 months ago
Okay, I've got this. The auditee would likely want to assess the auditor's interviewing, interaction, and report accuracy - that's option A.
upvoted 0 times
...
William
6 months ago
I'm a bit confused by the "improved system performance" option. I'm not sure how that would relate to naming conventions for suppliers. I'll have to think about that one.
upvoted 0 times
...
Jacquline
6 months ago
I'm a bit unsure about this one. Importing an external schema into a WSDL document is a specific skill, and I want to make sure I get it right. I'll carefully read through the question and options, and try to reason through the correct way to handle this scenario.
upvoted 0 times
...
Tamar
6 months ago
I'm leaning towards C on this one. I seem to recall that if the client consents, we don't necessarily need a reinforcement procedure when using punishment. But I'll double-check my notes to be sure.
upvoted 0 times
...
Raul
6 months ago
I'm pretty sure challenge/response authentication is used to prevent replay attacks, so I'll go with option A.
upvoted 0 times
...

Save Cancel