Which of the following commands should the administrator run NEXT to further analyze the compromised system?

Posted by: Pdfprep Category: CS0-002 Tags: , ,

A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output.

Which of the following commands should the administrator run NEXT to further analyze the compromised system?
A . strace /proc/1301
B . rpm -V openash-server
C . /bin/la -1 /proc/1301/exe
D . kill -9 1301

Answer: A

Leave a Reply

Your email address will not be published.