Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Logical Operations Exam CFR-210 Topic 7 Question 60 Discussion

Actual exam question for Logical Operations's CFR-210 exam
Question #: 60
Topic #: 7
[All CFR-210 Questions]

An incident responder notices many entries in an apache access log file that contain semicolons. Which of the following attacks is MOST likely being attempted?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Alpha at Apr 11, 2024, 09:10 AM

Limited Time Offer

25%

Off

Get Premium CFR-210 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Garry
6 months ago
I'm going with A) SQL injection as well, because semicolons are commonly used in SQL statements.
upvoted 0 times
...
Hillary
6 months ago
I agree with King, I think it's more likely to be D) Cross-site scripting.
upvoted 0 times
...
King
6 months ago
I believe it could also be D) Cross-site scripting.
upvoted 0 times
...
Frank
6 months ago
I think the answer is A) SQL injection.
upvoted 0 times
...
Kanisha
7 months ago
I don't think so, because semicolons are not commonly used in XSS attacks.
upvoted 0 times
...
Alease
7 months ago
But couldn't it also be D) Cross-site scripting?
upvoted 0 times
...
Alpha
7 months ago
I agree with because semicolons are often used in SQL injection attacks.
upvoted 0 times
...
Selene
7 months ago
I think the answer is A) SQL injection.
upvoted 0 times
...
Samira
8 months ago
Okay, but what if the app is using some weird, obscure database technology that uses semicolons for something else? I'm not locking in my answer just yet.
upvoted 0 times
...
Adelaide
8 months ago
Hold up, let me consult my trusty hacker's handbook. *frantically flips pages* Aha, here it is! Semicolons in the logs = SQL injection, no question.
upvoted 0 times
...
Stephaine
8 months ago
You know, I heard a rumor that the exam writers sometimes throw in trick questions just to see if we're paying attention. Maybe this is one of those...
upvoted 0 times
Jesusita
7 months ago
D) Cross-site scripting
upvoted 0 times
...
Valentine
7 months ago
Could be a trick question.
upvoted 0 times
...
Jesus
7 months ago
A) SQL injection
upvoted 0 times
...
...
Desire
8 months ago
Account brute force? Nah, that wouldn't leave any trace in the Apache logs. Cross-site scripting maybe, but the semicolons are a bit of a giveaway.
upvoted 0 times
...
Cletus
8 months ago
Hmm, I'm not so sure. Remote file inclusion could also be a possibility if the app is using unsanitized user input in file paths or URLs.
upvoted 0 times
...
Emilio
8 months ago
Haha, this question is straight out of the security examiner's playbook! Semicolons in the Apache log? Gotta be SQL injection, no doubt about it.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77