FreeCram
  1. Home
  2. Cisco
  3. Implementing Cisco Cybersecurity Operations
  4. Cisco.210-255.v2018-06-05.q62
  5. Question 54
<< Prev Question Next Question >>

Question 54/62

A CMS plugin creates two filters that are accessible from the Internet: myplugin.html and exploitable.php. A newly discovered exploit takes advantage of an injection vulnerability in exploitable.php. To exploit the vulnerability, one must send an HTTP POST with specific variables to exploitable.php. You see traffic to your webserver that consists of only HTTP GET requests to myplugin.html. Which category best describes this activity?

Recent Comments (The most recent comments are at the top.)

CyberSecurity - Feb 06, 2019

B is the correct answer

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (62q)
Question 1: Which two options can be used by a threat actor to determine...
2 commentQuestion 2: Which type of analysis assigns values to scenarios to see wh...
Question 3: (Exhibit) Refer to the exhibit. What can be determined from ...
Question 4: Which element is included in an incident response plan?...
Question 5: Which option is generated when a file is run through an algo...
1 commentQuestion 6: In the context of incident handling phases, which two activi...
Question 7: From a security perspective, why is it important to employ a...
Question 8: A user on your network receives an email in their mailbox th...
1 commentQuestion 9: DRAG DROP Drag and drop the elements of incident handling fr...
Question 10: Which option can be addressed when using retrospective secur...
2 commentQuestion 11: (Exhibit) Refer to the exhibit. Which application protocol i...
Question 12: Which information must be left out of a final incident repor...
Question 13: Which description of a retrospective malware detection is tr...
Question 14: What information from HTTP logs can be used to find a threat...
1 commentQuestion 15: During which phase of the forensic process are tools and tec...
Question 16: Which two components are included in a 5-tuple? (Choose two....
Question 17: Which CVSSv3 metric value increases when the attacker is abl...
Question 18: What is accomplished in the identification phase of incident...
1 commentQuestion 19: Which option filters a LibPCAP capture that used a host as a...
Question 20: Which source provides reports of vulnerabilities in software...
Question 21: Which identifies both the source and destination location?...
Question 22: (Exhibit) Refer to the exhibit. You notice that the email vo...
1 commentQuestion 23: Which option creates a display filter on Wireshark on a host...
2 commentQuestion 24: Which two HTTP header fields relate to intrusion analysis? (...
Question 25: An organization has recently adjusted its security stance in...
Question 26: What mechanism does the Linux operating system provide to co...
Question 27: Which regular expression matches "color" and "colour"?...
1 commentQuestion 28: Which process is being utilized when IPS events are removed ...
3 commentQuestion 29: Which CVSSv3 Attack Vector metric value requires the attacke...
Question 30: Which element can be used by a threat actor to discover a po...
4 commentQuestion 31: You see confidential data being exfiltrated to an IP address...
Question 32: (Exhibit) Refer to the exhibit. We have performed a malware ...
Question 33: In Microsoft Windows, as files are deleted the space they we...
2 commentQuestion 34: Which stakeholder group is responsible for containment, erad...
Question 35: DRAG DROP (Exhibit) Refer to the exhibit. Drag and drop the ...
Question 36: Which network device creates and sends the initial packet of...
Question 37: DRAG DROP Drag and drop the type of evidence from the left o...
2 commentQuestion 38: You have run a suspicious file in a sandbox analysis tool to...
3 commentQuestion 39: You see 100 HTTP GET and POST requests for various pages on ...
Question 40: DRAG DROP (Exhibit) Refer to the exhibit. Drag and drop the ...
Question 41: During which phase of the forensic process is data that is r...
Question 42: Which type of analysis allows you to see how likely an explo...
Question 43: Which option has a drastic impact on network traffic because...
1 commentQuestion 44: Which data element must be protected with regards to PCI?...
2 commentQuestion 45: Which feature is used to find possible vulnerable services r...
Question 46: (Exhibit) Refer to the exhibit. A customer reports that they...
Question 47: Which data type is protected under the PCI compliance framew...
Question 48: Which CVSSv3 metric captures the level of access that is req...
Question 49: Which option is a misuse variety per VERIS enumerations?...
1 commentQuestion 50: When performing threat hunting against a DNS server, which t...
Question 51: Which element is part of an incident response plan?...
Question 52: Which statement about threat actors is true?...
3 commentQuestion 53: Which CVSSv3 metric value increases when attacks consume net...
1 commentQuestion 54: A CMS plugin creates two filters that are accessible from th...
Question 55: Which option allows a file to be extracted from a TCP stream...
Question 56: (Exhibit) Refer to the exhibit. Which type of log is this an...
Question 57: You receive an alert for malicious code that exploits Intern...
Question 58: In VERIS, an incident is viewed as a series of events that a...
Question 59: (Exhibit) Refer to the exhibit. Which type of log is this an...
2 commentQuestion 60: Which component of the NIST SP800-61 r2 incident handling st...
2 commentQuestion 61: (Exhibit) Refer to the exhibit. Which packet contains a file...
Question 62: Which goal of data normalization is true?...