CompTIA Security+ (SY0-601) — Question 264
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicate a directory traversal attack has occurred. Which of the following is the analyst MOST likely seeing?
Answer options
- A. http://sample.url.com/Please-Visit-Our-Phishing-Site
- B. http://sample.url.com/someotherpageonsite/../../../etc/shadow
- C. http://sample.url.com/select-from-database-where-password-null
- D. http://redirect.sameple.url.sampleurl.com/malicious-dns-redirect
Correct answer: B
Explanation
The correct answer, B, shows a path traversal attempt: the URL uses repeated `../` sequences to navigate up the directory structure and reach a sensitive file, '/etc/shadow'. Options A, C, and D do not demonstrate directory traversal; they represent phishing, a SQL injection attempt, and a DNS redirection, respectively, which are different types of attacks.