CySA+ CS0-001 – Q. 327


A security analyst wants to confirm a finding from a penetration test report on the internal web server. To do so, the analyst logs into the web server using SSH to send the request locally. The report provides a link to https://hrserver.internal/ ../../etc/passwd, and the server IP address is
However, after several attempts, the analyst cannot get the file, despite attempting to get it using different ways, as shown below.

Which of the following would explain this problem? (Choose two.)

A. The web server uses SNI to check for a domain name
B. Requests can only be sent remotely to the web server
C. The password file is write protected
D. The web service has not started