A systems administrator receives reports of an internet-accessible Linux server that is running very sluggishly. The administrator examines the server, sees a high amount of memory utilization, and suspects a DoS attack related to half-open TCP sessions consuming memory. Which of the following tools would best help to prove whether this server was experiencing this behavior? A. Nmap B. TCPDump C. SIEM D. EDR Â Suggested Answer: B Community Answer: B This question is in CS0-003 CompTIA Cybersecurity Analyst (CySA+) Exam For getting CompTIA Cybersecurity Analyst (CySA+) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by CompTIA. Trademarks, certification & product names are used for reference only and belong to CompTIA. The website does not contain actual questions and answers from CompTIA's Certification Exams.
Please login or Register to submit your answer