Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 312-39 Topic 8 Question 85 Discussion

Actual exam question for Eccouncil's 312-39 exam
Question #: 85
Topic #: 8
[All 312-39 Questions]

John, a SOC analyst, while monitoring and analyzing Apache web server logs, identified an event log matching Regex /(\.|(%|%25)2E)(\.|(%|%25)2E)(\/|(%|%25)2F|\\|(%|%25)5C)/i.

What does this event log indicate?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Beckie at Jul 02, 2024, 02:05 AM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Azalee
4 days ago
This looks like a classic directory traversal attack to me. The regex pattern searches for suspicious directory traversal patterns, so C is the correct answer.
upvoted 0 times
...
Millie
4 days ago
I believe it could also be a Parameter Tampering Attack, as the Regex pattern seems to indicate manipulation of parameters.
upvoted 0 times
...
Karrie
5 days ago
I agree with Freeman, the Regex pattern matches the Directory Traversal Attack.
upvoted 0 times
...
Freeman
17 days ago
I think the event log indicates a Directory Traversal Attack.
upvoted 0 times
...

Save Cancel