From where can clues about the underlying application environment can be collected?
A.
From the extension of the file
B.
From executable file
C.
From file types and directories
D.
From source code
where can clues about the underlying application environment can be collected?
From where can clues about the underlying application environment can be collected?
A
D based on Penetration Testing: Network Threat Testing
https://books.google.com.sg/books?id=JUcIAAAAQBAJ&pg=SA3-PA3&lpg=SA3-PA3&dq=where+can+clues+about+underlying+application+environment&source=bl&ots=NseHi7WL5o&sig=GhcA5XU65BcbhV_tcdHHf_QCQCw&hl=en&sa=X&ei=Q31dVe6JAcPVuQSGzYKACA&ved=0CCMQ6AEwAQ#v=onepage&q=where%20can%20clues%20about%20underlying%20application%20environment&f=false
ECSA Module 16, Page 549
The source code from the immediately accessible pages of the application front-end may give clues as to the underlying application environment.
According to ECSA courseware, D is the correct answer. However, in practice, we can tell the underlying application environment simply by the extension of the file, such as asp, aspx, php, jsp, and so on. In very few cases, if the administrator of the web application want to obscure the underlying application environment and fool the attackers, they will change the extension by editing the config files of the web server software.