EC-Council
EC0-350 · Question #473
EC0-350 Question #473: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #473. The question stem and answer options stay visible for context.
Question
The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log given below and answer the following question: (Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which should tell them the OS from log captures): can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source - destination entries from log entries.) What can you infer from the above log?
Exhibit
Options
- AThe system is a windows system which is being scanned unsuccessfully.
- BThe system is a web application server compromised through SQL injection.
- CThe system has been compromised and backdoored by the attacker.
- DThe actual IP of the successful attacker is 24.9.255.53.
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.