A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A) tracert
B) netstat
C) ping
D) nslookup
Correct Answer:
Verified
Q10: An auditor wants to test the security
Q11: Which of the following BEST describes an
Q12: Which of the following types of cloud
Q13: An organization has determined it can tolerate
Q14: Which of the following explains why vendors
Q16: A company determines that it is prohibitively
Q17: In a corporation where compute utilization spikes
Q18: Despite having implemented password policies, users continue
Q19: A security engineer is configuring a system
Q20: Which of the following best describes routine
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents