312-50V13 · Question #108
312-50V13 Question #108: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V13 to reveal the answer and full explanation for question #108. The question stem and answer options stay visible for context.
Question
Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal? c:\> cmd /c type c:\winnt\repair\sam > c:\har.txt Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p CONFIG.SYS 12/26/00 07:36p < DIR > exploits 02/04/01 07:07a 5,327 har.txt 12/07/00 03:30p < DIR > InetPub 12/07/00 03:12p < DIR > Multimedia Files 12/26/00 07:10p < DIR > New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p < DIR > Program Files 02/04/01 06:49a 69 README.NOW.Hax0r 12/21/00 08:59p < DIR > TEMP 02/04/01 07:05a < DIR > WINNT 12/26/00 07:09p < DIR > wiretrip 02/04/01 06:43a 0 mine.txt 15 File(s) 78,648,918 bytes 1,689,455,616 bytes free c:\> type har.txt c:\> copy har.txt c:\inetpub\wwwroot c:\> GET har.txt HTTP/1.1 Server: Microsoft-IIS/4.0 Date: Sun, 04 Feb 2001 13:11:28 GMT Content-Type: text/plain Accept-Ranges: bytes Last-Modified: Sun, 04 Feb 2001 13:07:33 GMT ETag: "5063fd6fab8ec01:b85" Content-Length: 5327
Options
- Ahar.txt
- BSAM file
- Cwwwroot
- DRepair file
Unlock 312-50V13 to see the answer
You've previewed enough free 312-50V13 questions. Unlock 312-50V13 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.