Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM Exam CFA-001 Topic 1 Question 74 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 74
Topic #: 1
[All CFA-001 Questions]

Attackers can manipulate variables that reference files with "dot-dot-slash (./)" sequences and their variations such as http://www.juggyDoy.corn/GET/process.php./././././././././etc/passwd.

Identify the attack referred.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Louvenia at Dec 12, 2023, 01:11 PM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Lashanda
2 months ago
Wow, someone really needs to clean up their URL. '/etc/passwd'? That's just asking for trouble!
upvoted 0 times
Vonda
22 days ago
B) SQL Injection
upvoted 0 times
...
Dong
24 days ago
Yeah, that's definitely a directory traversal attack.
upvoted 0 times
...
Jerry
1 months ago
A) Directory traversal
upvoted 0 times
...
...
Felicia
3 months ago
File injection, eh? That's a creative guess, but I think the 'dot-dot-slash' clue gives it away as a directory traversal attack.
upvoted 0 times
Adelina
1 months ago
Exactly, the 'dot-dot-slash' is a common technique used in directory traversal attacks.
upvoted 0 times
...
Raina
1 months ago
A) Directory traversal
upvoted 0 times
...
Leigha
2 months ago
You're right, the 'dot-dot-slash' clue is a giveaway for directory traversal.
upvoted 0 times
...
Azalee
2 months ago
B) SQL Injection
upvoted 0 times
...
Tien
2 months ago
You're right, it's a directory traversal attack.
upvoted 0 times
...
Norah
3 months ago
A) Directory traversal
upvoted 0 times
...
Kaycee
3 months ago
A) Directory traversal
upvoted 0 times
...
...
Amina
3 months ago
XSS? Come on, this is all about accessing sensitive files, not injecting code into a webpage.
upvoted 0 times
...
Mitzie
3 months ago
Haha, nice try with the SQL injection option, but this is clearly about navigating the file system, not the database.
upvoted 0 times
Ethan
2 months ago
B) SQL Injection
upvoted 0 times
...
Ethan
3 months ago
A) Directory traversal
upvoted 0 times
...
Victor
3 months ago
B) SQL Injection
upvoted 0 times
...
Victor
3 months ago
A) Directory traversal
upvoted 0 times
...
...
Devorah
3 months ago
I'm not sure, but I think it could also be File injection.
upvoted 0 times
...
Celestina
3 months ago
Definitely directory traversal! Those dot-dot-slash sequences are a classic giveaway.
upvoted 0 times
Caitlin
2 months ago
It's a common technique to access unauthorized files.
upvoted 0 times
...
Stefan
2 months ago
A) Directory traversal
upvoted 0 times
...
Loreta
3 months ago
Yes, attackers use those sequences to navigate through directories.
upvoted 0 times
...
Nakisha
3 months ago
A) Directory traversal
upvoted 0 times
...
...
Nana
4 months ago
I agree with Tommy, because the example given involves manipulating file paths.
upvoted 0 times
...
Tommy
4 months ago
I think the attack referred is Directory traversal.
upvoted 0 times
...

Save Cancel