Which of the following should the security analyst do to determine if the compromised system still has an active connection?

A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666.

Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A . tracert
B . netstat
C . Ping
D . nslookup

Answer: B

Latest SY0-501 Dumps Valid Version with 1130 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments