CompTIA Security+ SY0-601 – Question061

Data exfiltration analysis indicates that an attacker managed to download system configuration notes from a
web server. The web-server logs have been deleted, but analysts have determined that the system
configuration notes were stored in the database administrator's folder on the web server. Which of the following
attacks explains what occurred? (Choose two.)


A.
Pass-the-hash
B. Directory traversal
C. SQL injection
D. Privilege escalation
E. Cross-site scripting
F. Request forgery

Correct Answer: BC