ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 82 discussion

Actual exam question from CompTIA's CS0-003
Question #: 82
Topic #: 1
[All CS0-003 Questions]

A zero-day command injection vulnerability was published. A security administrator is analyzing the following logs for evidence of adversaries attempting to exploit the vulnerability:



Which of the following log entries provides evidence of the attempted exploit?

  • A. Log entry 1
  • B. Log entry 2
  • C. Log entry 3
  • D. Log entry 4
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by kmordalv at Sept. 10, 2023, 10:03 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CyberJackal
Highly Voted 1 year ago
Selected Answer: A
It's asking for a command injection, not SQL injection. C wouldn't even work because of the spaces in the URL.
upvoted 12 times
...
cy_analyst
Highly Voted 6 months, 3 weeks ago
Selected Answer: A
Log entry 1: Java EL injection attempt, likely used to run system commands. Log entry 2: XSS attack aimed at stealing cookies. Log entry 3: SQL injection attempt, manipulating the id parameter in a query. Log entry 4: Suspicious OAuth permission request for reading, writing, and sending emails and accessing files.
upvoted 11 times
...
dave_delete_me
Most Recent 11 months, 2 weeks ago
This question TOTALLY CONFUSES ME... I will just have to guess when I take the exam then brush up on my command injection syntax... :-(
upvoted 3 times
...
Melmen
1 year ago
By chat GPT is SQL injection, opcion C
upvoted 1 times
...
thisguyfucks
1 year, 1 month ago
Selected Answer: B
Answer is B, there attempting to steal a cookie
upvoted 3 times
BirdLawyer
1 year ago
I dont think so, first its not really a "command injection" exploit as stated in the question. Second the code is passing the user's cookies to the server not the other way around. While thats not a very good idea and could expose sensitive info about that cookie, its not very indicative of what the question is asking. A makes the most sense because they are using runtime which allows user input to execute on the webserver, even though in this case its just a nslookup that is performed.
upvoted 4 times
...
...
m025
1 year, 1 month ago
Selected Answer: C
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet/blob/main/The%20Alternative%20way%20of%20using%20And%200%20in%20SQL%20Injection/README.md
upvoted 1 times
...
FT000
1 year, 2 months ago
Selected Answer: C
I am not so good with coding, but C looks like an injection attack.
upvoted 3 times
...
Frog_Man
1 year, 4 months ago
Answer c - WASTE Encrypted File Sharing Program also uses this port. 1337 means "elite" in hacker/cracker spelling (1=L, 3=E, 7=T, "LEET"="ELITE"). Because of the reference, it may be used by some backdoors. VX Search is vulnerable to a buffer overflow, caused by improper bounds checking by 'Proxy Host Name' field.
upvoted 4 times
...
deeden
1 year, 4 months ago
Selected Answer: A
Agree with A. Without the syntax error, it might allow execution of arbitrary commands. Option B would allow capture of cookies data, which could also be a security concern. Option C looks like a benign sql code injection.
upvoted 2 times
...
kmordalv
1 year, 7 months ago
Selected Answer: A
Seems correct This entry appears to contain a command injection attempt in the URL using Java's Runtime class.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago