GIAC
GSEC · Question #68
GSEC Question #68: Real Exam Question with Answer & Explanation
Sign in or unlock GSEC to reveal the answer and full explanation for question #68. The question stem and answer options stay visible for context.
Question
You are doing some analysis of malware on a Unix computer in a closed test network. The IP address of the computer is 192.168.1.120. From a packet capture, you see the malware is attempting to do a DNS query for a server called iamabadserver.com so that it can connect to it. There is no DNS server on the test network to do name resolution. You have another computer, whose IP is 192.168.1.115, available on the test network that you would like for the malware connect to it instead. How do you get the malware to connect to that computer on the test network?
Options
- AYou modify the HOSTS file on the computer you want the malware to connect to and add an entry
- BYou modify the HOSTS file on the Unix computer your malware is running on and add an entry
- CYou modify the HOSTS file on the Unix computer your malware is running on and add an entry
- DYou modify the HOSTS file on the computer you want the malware to connect to and add an entry
Unlock GSEC to see the answer
You've previewed enough free GSEC questions. Unlock GSEC for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.