Exam CAS-004
Question 323

A network administrator who manages a Linux web server notices the following traffic:

http://comptia.org/../../../../etc/shadow

Which of the following is the BEST action for the network administrator to take to defend against this type of web attack?

    Correct Answer: B

    The given URL suggests a directory traversal attack attempt, which involves an attacker trying to access restricted directories on a server by manipulating URL paths. The best defense against this type of web attack is to validate the server input and ensure that user input does not allow navigation outside of intended directories. By validating and sanitizing the input, the server can prevent unauthorized access to sensitive files such as /etc/shadow.
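One way to implement the check this explanation describes, and that option B as quoted in the discussion calls "validate the server input and append the input to the base directory path", shown as an added Python example that is not part of the original page. The function name, the temporary web root and every request except the URL from the question are constructed for illustration.

```python
import os
import tempfile
from typing import Optional
from urllib.parse import unquote, urlsplit


def resolve_under_base(base_dir: str, url: str) -> Optional[str]:
    """Return the canonical file path for url under base_dir, or None if it escapes."""
    base = os.path.realpath(base_dir)
    # Decode percent-encoding once, so "%2e%2e" is seen as ".." before checking.
    rel = unquote(urlsplit(url).path)
    if "\x00" in rel:
        return None
    # Append to the base directory; drop the leading "/" because os.path.join
    # discards the base entirely when its second argument is absolute.
    candidate = os.path.join(base, rel.lstrip("/"))
    # Canonicalise: collapses "../" segments and follows symlinks.
    resolved = os.path.realpath(candidate)
    # Validate: the canonical path must still sit inside the base directory.
    if os.path.commonpath([base, resolved]) != base:
        return None
    return resolved


def run_demo() -> dict:
    """Check constructed sample requests against a throwaway web root."""
    with tempfile.TemporaryDirectory() as tmp:
        webroot = os.path.join(tmp, "www")
        outside = os.path.join(tmp, "outside")
        os.makedirs(webroot)
        os.makedirs(outside)
        open(os.path.join(webroot, "index.html"), "w").close()
        # Constructed edge case: a symlink inside the web root that points out of it.
        os.symlink(outside, os.path.join(webroot, "link"))
        requests = [
            "http://comptia.org/index.html",
            "http://comptia.org/../../../../etc/shadow",    # URL from the question
            "http://comptia.org/%2e%2e/%2e%2e/etc/shadow",  # constructed: encoded form
            "http://comptia.org/link/secret.txt",           # constructed: symlink escape
        ]
        return {u: resolve_under_base(webroot, u) is not None for u in requests}


if __name__ == "__main__":
    for url, allowed in run_demo().items():
        print("ALLOW" if allowed else "DENY ", url)
```

Appending to the base directory is only half of the control: the containment test on the canonical path is what rejects the `../` request, and it is also what catches the symlink case that a string filter on `../` would miss.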

Discussion
CXSSP (Option: B)

B. Validate the server input and append the input to the base directory path. The provided URL http://comptia.org/../../../../etc/shadow suggests a directory traversal attack attempt. The attacker is trying to navigate to sensitive system files by using "../" to traverse up the directory structure. To defend against this type of attack, the network administrator should validate the server input. By doing so, the administrator can ensure that user input is properly sanitized and does not allow navigation outside of the intended directory structure.

b49eb27

I agree with the first part, but since this is a directory traversal attack, why would we append input to the base directory path? That does not make any sense to me.

saucehozz

Imagine a secret fort. You tell friends the entrance code (server security). But a trickster might try sneaky directions (directory traversal). To stop them, you give a special starting point everyone must say first (base directory path). This way, they can only reach allowed areas (authorized files).

EAlonso (Option: B)

B. is the opposite of what we need to do, but I'm guessing "validate" could mean "sanitize" then... Definition of "validate" (verb): check or prove the validity or accuracy of (something).

b49eb27 (Option: C)

I'm going with C on this one. B sounds plausible until you read the rest. This is a directory path attack, why would you want to append anything to the base directory? I'm choosing C over D because MFA may not directly address the issue of directory traversal attacks or other malicious activity targeting the web server. MFA is effective in protecting against credential-based attacks, such as password guessing or phishing, but it may not prevent attacks that exploit vulnerabilities in the web server or its applications.