CompTIA CySA+ (CS0-003) — Question 188

While reviewing the web server logs, a security analyst notices the following snippet:

..\../..\../boot.ini

Which of the following is being attempted?

Answer options

• A. Directory traversal
• B. Remote file inclusion
• C. Cross-site scripting
• D. Remote code execution
• E. Enumeration of /etc/passwd

Correct answer: A

Explanation

The correct answer is A, Directory traversal, as the sequence of '../' indicates an attempt to navigate up the directory structure to access files outside of the intended directory. Options B, C, D, and E do not fit the pattern shown in the log snippet, which specifically targets directory navigation rather than remote file access or execution vulnerabilities.