New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CFA-001 Exam - Topic 4 Question 107 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 107
Topic #: 4
[All CFA-001 Questions]

A system with a simple logging mechanism has not been given much attention during development, this system is now being targeted by attackers, if the attacker wants to perform a new line injection attack, what will he/she inject into the log file?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Mireya at May 02, 2025, 08:57 AM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Vilma
2 months ago
Wait, people can really do that with logs? That's wild!
upvoted 0 times
...
Mattie
2 months ago
Definitely, plaintext is the easiest way to go!
upvoted 0 times
...
Gennie
2 months ago
I think they’d inject plaintext.
upvoted 0 times
...
Dan
3 months ago
HTML tags? Seems a bit off for a log injection.
upvoted 0 times
...
Dino
3 months ago
Not so sure about that, multiple pipes could work too.
upvoted 0 times
...
Sue
3 months ago
I feel like HTML tags could be a distraction here, but I can't shake the feeling that the answer is more about the structure of the log itself.
upvoted 0 times
...
Ashlyn
3 months ago
This question feels familiar; I practiced one about log injection before. I wonder if it's the single pipe character or something else entirely.
upvoted 0 times
...
Julian
4 months ago
I think it might be something like a newline character, but I can't recall if it's just plain text or something more specific.
upvoted 0 times
...
Santos
4 months ago
I remember something about new line injection being related to how logs handle input, but I'm not sure what exactly to inject.
upvoted 0 times
...
Marci
4 months ago
I think the answer is C, multiple pipe characters. That's the classic way to perform a new line injection attack, right?
upvoted 0 times
...
Regenia
4 months ago
I'm a bit confused by the wording of this question. Can an attacker really inject anything they want into a log file? I'll have to review my notes on this type of attack.
upvoted 0 times
...
Raelene
4 months ago
Okay, let's see... If the attacker wants to perform a new line injection attack, they would likely inject a newline character, so I'm going to go with option C.
upvoted 0 times
...
Yuki
5 months ago
Hmm, I'm not entirely sure about this one. I'll need to think it through carefully.
upvoted 0 times
...
Celeste
5 months ago
This seems like a straightforward question about new line injection attacks. I'm pretty confident I know the answer.
upvoted 0 times
...
Golda
8 months ago
I agree with Alex, plaintext seems like a safer option for the attacker.
upvoted 0 times
...
Alex
9 months ago
I think the attacker will inject plaintext to avoid detection.
upvoted 0 times
...
Anglea
9 months ago
Option C all the way! Gotta love those multiple pipe characters. It's like seasoning for your log file, am I right?
upvoted 0 times
Bulah
8 months ago
C) Multiple pipe characters
upvoted 0 times
...
Dion
8 months ago
C) Multiple pipe characters
upvoted 0 times
...
Evan
8 months ago
B) Single pipe character
upvoted 0 times
...
Denise
9 months ago
A) Plaintext
upvoted 0 times
...
Cortney
9 months ago
B) Single pipe character
upvoted 0 times
...
Bulah
9 months ago
A) Plaintext
upvoted 0 times
...
...
Genevieve
9 months ago
I disagree, I believe the attacker will inject HTML tags.
upvoted 0 times
...
Velda
9 months ago
Ah, the age-old new line injection question. Option C is the way to go, my friend. Multiple pipe characters are the hackers' weapon of choice.
upvoted 0 times
France
8 months ago
Definitely, security should always be a top priority in software development.
upvoted 0 times
...
Eva
8 months ago
So, it's important to always sanitize user input to prevent such attacks.
upvoted 0 times
...
Minna
9 months ago
That's correct! Multiple pipe characters can be used to perform a new line injection attack.
upvoted 0 times
...
Leonida
9 months ago
Option C) Multiple pipe characters
upvoted 0 times
...
...
Julian
9 months ago
Hmm, this one's tricky. I'm leaning towards option D, just to spice things up a bit. Inject some HTML tags, make the log file more interesting, you know?
upvoted 0 times
...
Lavonda
9 months ago
I think the attacker will inject multiple pipe characters.
upvoted 0 times
...
Willow
10 months ago
I'm going with option A. Plaintext is the way to go, keep it simple and straightforward.
upvoted 0 times
Jesusa
8 months ago
A: Really? I still think plaintext is the safest option.
upvoted 0 times
...
Colette
8 months ago
B: No, I believe they would inject HTML tags.
upvoted 0 times
...
Jolene
9 months ago
A: I think the attacker would inject multiple pipe characters.
upvoted 0 times
...
...
Laurel
10 months ago
Definitely option C. Multiple pipe characters are a classic for new line injection attacks. This is a textbook example.
upvoted 0 times
Ethan
8 months ago
Yes, we should definitely prioritize securing our logging mechanisms to prevent attacks like this.
upvoted 0 times
...
Vallie
9 months ago
It's important to always be aware of potential vulnerabilities like this in our systems.
upvoted 0 times
...
Anglea
9 months ago
I agree, multiple pipe characters are commonly used for new line injection attacks.
upvoted 0 times
...
...

Save Cancel