Tuesday, 1 November 2016

Latest Pass4sure CAS-002 Exam Questions and Answers

Question 4

Which of the following would be used in forensic analysis of a compromised Linux system? (Select

A.Check log fles for logins from unauthorized IPs.
B.Check /proc/kmem for fragmented memory segments.
C.Check for unencrypted passwords in /etc/shadow.
D.Check tmestamps for fles modifed around tme of compromise.
E.Use lsof to determine fles with future tmestamps.
F.Use gpg to encrypt compromised data fles.
G.Verify the MD5 checksum of system binaries.
H.Use vmstat to look for excessive disk I/O.



Post a Comment