The chief operations officer (COO) has questioned the need for end-user training. Which of thefollowing is the most effective response?
You want to learn more about a security breach that was recently discovered in a Windows server.Which organization should you consult?
In a Linux system, which command can be used to view the activities of a user who has logged into an account?
Which resource contains settings that you can modify to activate and deactivate network servicesin a Windows XP system?
An unauthorized user has overwritten a router’s configuration. After being caught, the userindicated that he was able to obtain the password by sniffing the router’s network communications.Which service was exploited?
A compromised system was given to your IT administrator for storage until police can investigatethe system further. Which of the following will police and other legal personnel expect from the ITadministrator in order for this system to be considered valid evidence?
After a system has been compromised, which activity is expected if you plan to analyze thesystem for a legal investigation?
A malicious user has deleted essential files from a Web server during a system compromise. Theaffected Linux system does not have an undelete utility. A systems expert has been able torecover this file. What was the systems expert able to find in order to initiate the recovery process?
Which of the following best describes the executive summary in a forensic report?
Which of the following is a common element of a penetration test?