A security analyst is investigating a security breach. Upon inspection of the audit an access logs, the analyst notices the host was accessed and the /etc/passwd file was modified with a new entry for username "gotcha" and user ID of 0. Which of the following are the MOST likely attack vector and tool the analyst should use to determine if the attack is still ongoing? (Select TWO)
A) Logic bomb
B) Backdoor
C) Keylogger
D) Netstat
E) Tracert
F) Ping
Correct Answer:
Verified
Q222: A security administrator is reviewing the following
Q223: A vulnerability scan is being conducted against
Q224: Which of the following allows an auditor
Q225: A security administrator wants to configure a
Q226: A wireless network has the following design
Q228: A network administrator adds an ACL to
Q229: A penetration tester harvests potential usernames from
Q230: A security analyst is working on a
Q231: A security analyst is updating a BIA
Q232: A security engineer wants to implement a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents