Question

A security analyst is investigation an incident that was first reported as an issue connecting to

network shares and the internet, While reviewing logs and tool output, the analyst sees the
following: Which of the following attacks has occurred?
A. IP conflict
B. Pass-the-hash
C. MAC flooding
D. Directory traversal
E. ARP poisoning

Answer 1

The attack that has occurred is Directory traversal. It involves accessing files and directories outside of the web server's root directory, potentially leading to unauthorized access to sensitive information.

Step-by-step explanation:

The attack that has occurred is Directory traversal. Directory traversal is an attack where an attacker can access files and directories outside of the web server's root directory. In this case, the incident involves connecting network shares and the internet, which suggests that the attacker is trying to access files or directories on the network shares that they should not have access to.

By exploiting a vulnerability in the application or system, the attacker is able to navigate through directories and retrieve sensitive information that they should not have access to. This could lead to unauthorized access to sensitive data, such as financial records, personal information, or confidential documents.

To prevent directory traversal attacks, it is important to use secure coding practices, such as input validation and output encoding, to ensure that user-supplied input is properly handled and does not allow for directory traversal.