A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A. tracert
B. netstat
C. ping
D. nslookup
Answer: B. netstat
Computer Science & Information Technology
You might also like to view...
Which of the following are QoS issues for a VoIP network?
a. Jitter b. Network latency and packet loss c. Queuing d. All the above are issues
Computer Science & Information Technology
What character is used to signify the beginning of a comment statement?
(A) asterisk (B) exclamation mark (C) apostrophe (D) backslash
Computer Science & Information Technology