Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CASP
  5. CAS-004 Discussions
  6. CAS-004 Exam Topic 9 Question 79 Discussion
 CompTIA Discussions
Exam CAS-004 All Questions
Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Go to Exam

CompTIA CASP CAS-004 Question # 79 Topic 9 Discussion

CAS-004 Exam Topic 9 Question 79 Discussion:
Question #: 79
Topic #: 9

A security engineer is reviewing Apache web server logs and has identified the following pattern in the log:

GET https://example.com/image5/../../etc/passwd HTTP/1.1 200 OK

The engineer has also reviewed IDS and firewall logs and established a correlation to an external IP address. Which of the following can be determined regarding the vulnerability and response?
A.

A cross-site scripting attack was successful at reading the /etc/passwd file, and the system should avoid passing user-supplied input to REST API.

B.

A cross-site request forgery attack was successful at reading the /etc/passwd file, and the system should avoid passing user-supplied input to HTTP POST commands.

C.

A directory traversal attack was successful at reading the /etc/passwd file, and the system should avoid passing user-supplied input to the filesystem.

D.

A brute-force authentication attempt was successful, and the system should implement salting as part of the password hashing algorithm.

Get Premium CAS-004 Questions
Actual exam question for CompTIA CAS-004 exam by Echo4030 at May 2, 2026, 10:52:05 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit