CompTIA Security+ (SY0-601) — Question 730
Data exfiltration analysis indicates that an attacker managed to download system configuration notes from a web server. The web-server logs have been deleted, but analysts have determined that the system configuration notes were stored in the database administrator's folder on the web server. Which of the following attacks explain what occurred? (Choose two.)
Answer options
- A. Pass-the-hash
- B. Directory traversal
- C. SQL injection
- D. Privilege escalation
- E. Cross-site scripting
- F. Request forgery
Correct answer: B, D
Explanation
The correct answers are B and D. Directory traversal allows attackers to access files outside the intended directory, which would explain how the attacker reached the system configuration notes. Privilege escalation might have occurred if the attacker gained higher-level access to the database administrator's folder, enabling them to download sensitive files. The other options do not directly relate to this scenario of accessing and downloading specific files.