Law enforcement officials have notified an organization that one of its internal servers is suspected of being a command-and-control server for a malicious botnet. The organization's security analyst has been tasked with analyzing the internal server for indications of compromise. During the investigation, the analyst reviews the processes running on the server and sees the following: Which of the following processes warrants further investigation?

Questions › Category: CS0-002 › Law enforcement officials have notified an organization that one of its internal servers is suspected of being a command-and-control server for a malicious botnet. The organization's security analyst has been tasked with analyzing the internal server for indications of compromise. During the investigation, the analyst reviews the processes running on the server and sees the following: Which of the following processes warrants further investigation?

0 Vote Up Vote Down

Admin Staff asked 4 months ago

Law enforcement officials have notified an organization that one of its internal servers is suspected of being a command-and-control server for a malicious botnet. The organization's security analyst has been tasked with analyzing the internal server for indications of compromise. During the investigation, the analyst reviews the processes running on the server and sees the following:
 
Which of the following processes warrants further investigation?

A. cmd.exe

B. iexplore

C. nc.exe

D. notepad.exe








 

Suggested Answer: A

Community Answer: C



This question is in CS0-002 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A digital forensics investigator works from duplicate images to preserve the integrity of the original evidence. Which of the following types of media are MOST volatile and should be preserved? (Choose two.)

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password