SY0-501 Dumps Questions | A security analyst is diagnosing an incident in which….

Question 5:

A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?

A. tracert

B. netstat

C. ping

D. nslookup

Answer: B

Leave a Reply

Your email address will not be published. Required fields are marked *