Which of the following is the GREATEST security concern?

During a routine review of service restarts, a security analyst observes the following in a server log:

Which of the following is the GREATEST security concern?
A. The daemon’s binary was changed
B. Four consecutive days of monitoring are skipped in the log
C. The process identifiers for the running service change
D. The PIDs are continuously changing

Answer: A

Explanation:

A daemon is a program that runs in the background on a system and performs certain tasks or services without user intervention. A daemon’s binary is the executable file that contains the code and instructions for the daemon to run. The server log shows that the daemon’s binary was changed on Aug 1 2020 at 00:00:01 by an unknown user with UID 0 (root). This is the greatest security concern, because it could indicate that an attacker has gained root access to the system and modified the daemon’s binary with malicious code that could compromise the system’s security or functionality.

Four consecutive days of monitoring being skipped in the log, the process identifiers for the running service changing, or the PIDs continuously changing are not security concerns, but rather normal events that could occur due to system maintenance, updates, restarts, or scheduling.

Reference: https://www.linux.com/training-tutorials/what-are-linux-daemons/
