GAQM Exam CFA-001 Topic 1 Question 74 Discussion

Actual exam question for GAQM's CFA-001 exam

Question #: 74
Topic #: 1

Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.

Identify the attack referred.

ADirectory traversal

BSQL Injection

CXSS attack

DFile injection

Show Suggested Answer

Suggested Answer: B

by Louvenia at Dec 12, 2023, 01:11 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Mitzie

6 days ago

Haha, nice try with the SQL injection option, but this is clearly about navigating the file system, not the database.

upvoted 0 times

...

Devorah

10 days ago

I'm not sure, but I think it could also be File injection.

upvoted 0 times

...

Celestina

10 days ago

Definitely directory traversal! Those dot-dot-slash sequences are a classic giveaway.

upvoted 0 times

...

Nana

14 days ago

I agree with Tommy, because the example given involves manipulating file paths.

upvoted 0 times

...

Tommy

17 days ago

I think the attack referred is Directory traversal.

upvoted 0 times

...