You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe.
What caused this?
A . The Morris worm
B . The PIF virus
C . Trinoo
D . Nimda
E . Code Red
F . Ping of Death
Answer: D
Explanation:
The Nimda worm modifies all web content files it finds. As a result, any user browsing web content on the system, whether via the file system or via a web server, may download a copy of the worm. Some browsers may automatically execute the downloaded copy, thereby, infecting the browsing system. The high scanning rate of the Nimda worm may also cause bandwidth denial-of-service conditions on networks with infected machines and allow intruders the ability to execute arbitrary commands within the Local System security context on machines running the unpatched versions of IIS.