CompTIA PenTest+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the CompTIA PenTest+ Exam. Study with flashcards and multiple choice questions; each comes with hints and explanations. Get ready for your certification!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is the term for accessing files from unauthorized locations by manipulating the file path?

  1. Directory Traversal

  2. URL Spoofing

  3. File Injection

  4. Command Injection

The correct answer is: Directory Traversal

The term that refers to accessing files from unauthorized locations by manipulating the file path is Directory Traversal. This type of attack occurs when an attacker is able to exploit a vulnerability in a web application to gain access to files and directories that are outside of the web server's root directory. By crafting a specific file path that includes sequences like "../", the attacker can navigate up the directory structure and access sensitive files, such as configuration files or user data, which should not be publicly accessible. Other options, although related to security vulnerabilities, refer to different types of attacks. URL Spoofing typically involves creating a deceptive URL to mislead users about the source of a webpage, while File Injection is more about placing malicious files on a server through vulnerabilities. Command Injection involves executing arbitrary commands on the host operating system via an application, rather than manipulating file paths. Hence, the concept of Directory Traversal is specifically linked to the issue of unauthorized file access through path manipulation.

More Questions Like This