Test Index

Comp TIA Security + Certification Questions Part 4

© examsnet.com
Question : 49 of 60
Marks: +1, -0
A cybersecurity analyst is looking into the payload of a random packet capture file that was selected for analysis. The analyst notices that an internal host had a socket established with another internal host over a non-standard port.
Upon investigation, the origin host that initiated the socket shows this output:
udera@host>history
                  \;\;\;\;\;\;\;\;\;mkdir /local/usr/bin/somedirectory
                  \;\;\;\;\;\;\;\;\;nc -1 192.168.5.1 -p 9856
                  \;\;\;\;\;\;\;\;\;ping -c 30 8.8.8.8 -s 600
                  \;\;\;\;\;\;\;\;\;rm -rm /etc/dir2/somefile
                  \;\;\;\;\;\;\;\;\;rm -rm /etc/dir2/
                  \;\;\;\;\;\;\;\;\;traceroute 8.8.8.8
                  \;\;\;\;\;\;\;\;\;pskill pid 9487
usera@host>
Given the above output, which of the following commands would have established the questionable socket?
Go to Question: