ExamGecko
Search Search Login
Home Home / CompTIA / CV0-004
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A network administrator is budding a site-to-site VPN tunnel from the company's headquarters office 10 the company's public cloud development network. The network administrator confirms the following: The VPN tunnel is established on the headquarter office firewall. While inside the office, developers report that they cannot connect to the development network resources. While outside the office on a client VPN, developers report that they can connect to the development network resources. The office and the client VPN have different IP subnet ranges. The firewall flow logs show VPN traffic is reaching the development network from the office. Which of the following is the next step the next network administrator should take to troubleshoot the VPN tunnel?
An organization located in Asia connects to a cloud infrastructure hosted in North America and Europe. Sporadic slowness has been observed when using the PaaS and laaS components. A diagnostic using the following commands was run, and the following results were collected: Which of the following is the most likely reason for the latency?
A developer at a small startup company deployed some code for a new feature to its public repository. A few days later, a data breach occurred. A security team investigated the incident and found that the database was hacked. Which of the following is the most likely cause of this breach?
A company uses containers to implement a web application. The development team completed internal testing of a new feature and is ready to move the feature to the production environment. Which of the following deployment models would best meet the company's needs while minimizing cost and targeting a specific subset of its users?
A cloud engineer wants to run a script that increases the volume storage size if it is below 100GB. Which of the following should the engineer run?
Which of the following are best practices when working with a source control system? (Select two).
A company operates a website that allows customers to upload, share, and retain tull ownership of their photographs. Which of the following could affect image ownership as the website usage expands globally?
A cloud administrator is building a company-standard VM image, which will be based on a public image. Which of the following should the administrator implement to secure the image?
A company hosts various containerized applications for business uses. A client reports that one of its routine business applications fails to load the web-based login prompt hosted in the company cloud. INSTRUCTIONS Click on each device and resource. Review the configurations, logs, and characteristics of each node in the architecture to diagnose the issue. Then, make the necessary changes to the WAF configuration to remediate the issue. Web app 1 Web app 2 Web app 3 Web app 4 Client app
The company's IDS has reported an anomaly. The cloud engineer remotely accesses the cloud instance, runs a command, and receives the following information: Which of the following is the most likely root cause of this anomaly?

Question 181 - CV0-004 discussion

Report
Export

A cloud security analyst is investigating the impact of a recent cyberattack. The analyst is reviewing the following information:

Web server access log:

104.210.233.225 - - [21/10/2022:11:17: 40] 'POST /uploadfile.html?f=myfile.php' 200 1638674

45.32.10.66 - - [21/10/2022:11:19:12] 'GET /welcome.html' 200 5812

104.210.233.225 - - [21/10/2022:11:21:19] 'GET / .. / .. / .. / .. /conf/server.xml HTTP/1.1' 200 74458

45.32.10.66 - - [21/10/22:11:22:32] 'GET /admin.html HTTP/1.1' 200 9518

Web application firewall log:

'2022/10/21 11:17:33' '10.25.2.35' '104. 210.233.225' 'userl' 'File transfer completed successfully.'

'2022/10/21 11:21:05' '10. 25.2. 35' '104. 210.233.225' 'userl' 'Accessed application page.'

'2022/10/21 11:22:13' '10.25.2.35' '45. 32. 10. 66' 'user2' 'Accessing admin page. '

Which of the following has occurred?

A.
The corporate administration page was defaced by the attacker.
Answers
A.
The corporate administration page was defaced by the attacker.
B.
A denial-of-service attack was successfully performed on the web server.
Answers
B.
A denial-of-service attack was successfully performed on the web server.
C.
A new user was created on the web server by the attacker.
Answers
C.
A new user was created on the web server by the attacker.
D.
Sensitive information from the corporate web server was leaked.
Answers
D.
Sensitive information from the corporate web server was leaked.
Suggested answer: D

Explanation:

The logs indicate that the IP address 104.210.233.225 made a GET request that appears to traverse directories (as indicated by the '/../../') to access 'server.xml', which is a configuration file for the server. This type of request is indicative of a directory traversal attack, which can lead to unauthorized access to sensitive files on the server. The successful 200 response code suggests that the file was accessed, implying that sensitive configuration data could have been leaked.

Reference: CompTIA Cloud+ Certification Study Guide (Exam CV0-004) by Scott Wilson and Eric Vanderburg

Show Answer
asked 02/10/2024
Dipuo Ngwenya
27 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms