Monday, April 23, 2018

Security+ and Log Entries

Are you preparing for the SY0-401 or SY0-501 Security+ exam? If so, you might like to review some information on log entries.

As an example, consider the following Security+ practice test question that I recently added to the test banks on the gcgapremium.com site.

Q. Your IPS recently raised an alert from the following log entry on one of your organization’s web servers:
04/23/18 23:13:50 httpd: GET /wp/forms/process.php?input=cd%20../../../etc;cat%20shadow
Based on this log entry, which of the following is MOST likely occurring?

A. False negative
B. XSS attack
C. Command injection attack
D. Password attack
E. Buffer overflow attack

Can you answer it? Check out the answer and full explanation here.