An engineer received a call to assist with an ongoing DDoS attack. The Apache server is being targeted, and availability is compromised. Which step should be taken to identify the origin of the threat?
A) An engineer should check the list of usernames currently logged in by running the command $ who | cut -d' ' -f1| sort | uniq An engineer should check the list of usernames currently logged in by running the command $ who | cut -d' ' -f1| sort | uniq
B) An engineer should check the server's processes by running commands ps -aux and sudo ps -a . An engineer should check the server's processes by running commands ps -aux and sudo ps -a .
C) An engineer should check the services on the machine by running the command service -status-all . An engineer should check the services on the machine by running the command service -status-all
D) An engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/log/apache2/access.log . An engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/log/apache2/access.log
Correct Answer:
Verified
Q2: What is the function of a disassembler?
A)
Q3: An "unknown error code" is appearing on
Q4: Which information is provided bout the object
Q5: An attacker embedded a macro within a
Q6: Q7: A security team received an alert of Q8: Which scripts will search a log file Q9: A security team is discussing lessons learned Q10: Q11: Unlock this Answer For Free Now! View this answer and more for free by performing one of the following actions Scan the QR code to install the App and get 2 free unlocks Unlock quizzes for free by uploading documents
