nerdexam
ExamsCAS-003Questions#63
CompTIA

CAS-003 · Question #63

CAS-003 Question #63: Real Exam Question with Answer & Explanation

Sign in or unlock CAS-003 to reveal the answer and full explanation for question #63. The question stem and answer options stay visible for context.

Question

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

Options

  • ACheck log files for logins from unauthorized IPs.
  • BCheck /proc/kmem for fragmented memory segments.
  • CCheck for unencrypted passwords in /etc/shadow.
  • DCheck timestamps for files modified around time of compromise.
  • EUse lsof to determine files with future timestamps.
  • FUse gpg to encrypt compromised data files.
  • GVerify the MD5 checksum of system binaries.
  • HUse vmstat to look for excessive disk I/O.

Unlock CAS-003 to see the answer

You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CAS-003 - $49.99 / 30 daysSign in
Full CAS-003 Practice