A security analyst is checking log files and finds the following entries:
Which of the following is MOST likely happening?
A. A hacker attempted to pivot using the web server interface.
B. A potential hacker could be banner grabbing to determine what architecture is being used.
C. The DNS is misconfigured for the server’s IP address.
D. A server is experiencing a DoS, and the request is timing out,
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
First glance points to C. The DNS is misconfigured for the server’s IP address. Only because the Host lookup failed.
However, It maybe that the port is unavailable because the hacker is using it. Hence the error when the nc -vv command is run.
So it could be A. A hacker attempted to pivot using the web server interface.
info
https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
The person is running a verbose, seemed like he/she is trying to banner grab. I will go with B
It should be B. It is using NetCat to banner grabbing. How is it going to be A?
Can someone explain why the answer is not C?