Home
CompTIA
CompTIA Security+ SY0-701
Study Mode

CompTIA Security+ SY0-701 Practice Question

An attacker modifies a web application's URL by adding "../" sequences to access resources outside of the application's authorized files. What type of attack is being performed?

Directory traversal
Buffer overflow
Cross-site scripting
SQL injection

Next Question

Correct Incorrect Unanswered

Report Issue

Answer Description

This attack is a directory traversal. By inserting "../" into the URL, the attacker navigates the file system hierarchy to access files and folders that are outside the intended scope of the web application. This can lead to unauthorized access to sensitive files. Directory traversal exploits occur when input validation is insufficient on file path parameters. The other options are distinct types of attacks: SQL injection involves injecting malicious SQL queries into a database query, cross-site scripting (XSS) entails injecting malicious scripts into web content viewed by other users, and a buffer overflow occurs when too much data is sent to a fixed-length memory buffer, potentially allowing an attacker to execute arbitrary code.

Ask Bash

Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.

What is input validation and why is it important in preventing directory traversal attacks?

Open an interactive chat with Bash

Can you explain how directory traversal attacks can lead to unauthorized access to sensitive files?

Open an interactive chat with Bash

What are some common protections against directory traversal attacks?

Open an interactive chat with Bash

CompTIA Security+ SY0-701

Threats, Vulnerabilities, and Mitigations

Your Score:

Settings & Objectives

General Security Concepts

Threats, Vulnerabilities, and Mitigations

Security Architecture

Security Operations

Security Program Management and Oversight

Random Mode

Random Mixed

Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.

Rotate by Objective

Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Hide Score

Check or uncheck an objective to set which questions you will receive.

Wipe Score

Report Issue

SAVE $49

CompTIA Security+ Voucher (SY0-701)

$404.00 $355.00

Bash, the Crucial Exams Chat Bot

AI Bot