CompTIA CASP+ (CAS-004) — Question 530

A network administrator who manages a Linux web server notices the following traffic:

http://comptia.org/../../../../etc/shadow

Which of the following is the BEST action for the network administrator to take to defend against this type of web attack?

Answer options

• A. Validate the server certificate and trust chain.
• B. Validate the server input and append the input to the base directory path.
• C. Validate that the server is not deployed with default account credentials.
• D. Validate that multifactor authentication is enabled on the server for all user accounts.

Correct answer: B

Explanation

The correct answer is B, as validating server input and ensuring it is appropriately appended to the base directory path helps prevent directory traversal attacks like the one shown. Options A, C, and D, while important security practices, do not specifically address the vulnerability presented by the attempt to access the /etc/shadow file via URL manipulation.