contestada

A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A. tracert
B. netstat
C. ping
D. nslookup

Respuesta :

CPED

Answer:

Option B. netstat

is the correct answer.

Explanation:

  • The word "netstat" is a combination of two words network statistics.
  • It is defined as a program which is controlled through commands that are issued in the command line.
  • It displays the network connections for network interfaces, routing tables Transmission Control Protocol (TCP) and UDP.
  • netstat command informs the user about portstand addresses and delivers the basic statistics on all network activities.
  • It is available for operating systems including:
  1. Unix
  2. Mac
  3. BSD
  4. Linux
  5. Solaris
  6. IBM
  7. Windows

i hope it will help you!

Otras preguntas

ACCESS MORE
EDU ACCESS
Universidad de Mexico