Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Comptia Discussions

Exam SY0-501 topic 1 question 5 discussion

Actual exam question from CompTIA's SY0-501
Question #: 5
Topic #: 1
[All SY0-501 Questions]

A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to
207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?

  • A. tracert
  • B. netstat
  • C. ping
  • D. nslookup
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Aksu1994 at May 3, 2019, 6:04 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Rockadocious
Highly Voted 4 years, 10 months ago
Open cmd in your system Type netstat -a This will show you the connections and whether the it is listening, established or Close_wait The question was how to determine if it's still open
upvoted 20 times
...
bobthebuilder55110
Highly Voted 3 years, 3 months ago
Can anyone please tell me how can directly jump on topic 2 questions?? And also some tips would be nice interms of exam I am planning to give exam in the first week of February and I have watched professor messer and read through some of Darril gibson book. and then directly jumping here for the questions, do you think it will be enough ??
upvoted 7 times
...
exiledwl
Most Recent 3 years, 3 months ago
Some free advice. Topic 1 has old questions and you should skip it because you won't see these on the exam. Topic 2 has latest questions as of Dec 2020. I'd even recommend paying (like I did) to get access to the full list of topic 2. 90% of my questions were from topic 2
upvoted 7 times
illuded03jolted
3 years, 3 months ago
appreciate it man!
upvoted 1 times
...
jnew
3 years, 3 months ago
How sure are you that Topic 1 questions won't be seen on the exam after December 2020?
upvoted 3 times
...
theguru89
2 years, 10 months ago
where is topic 2??
upvoted 2 times
...
Fernando001
2 years, 11 months ago
Where is topic 2 ?
upvoted 2 times
...
...
dinosan
4 years, 1 month ago
The netstat command (short for network statistics) allows you to view statistics for TCP/IP protocols on a system. It also gives you the ability to view active TCP/IP network connections. Many attacks establish connections from an infected computer to a remote computer. If you suspect this, you can often identify these connections with netstat. Source: Get Certified Get Ahead - Netstat (p.86)
upvoted 3 times
...
MSZ
4 years, 11 months ago
The port is also mentioned that's why
upvoted 2 times
...
Aksu1994
4 years, 11 months ago
How would the command look like? Because personally, i thought ping would be better because you could ping that ip adress and see whether you are getting a response from it or not. You can't use netstat to check if an external ip adress is active or not, right?
upvoted 1 times
nickyjohn
4 years, 4 months ago
Ping is good to use when you are seing if a host is up and running, but as soon as you enter the colon(:) the command will fail to return any information!
upvoted 5 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel