CompTIACompTIA
SY0-501 · Question #27
SY0-501 Question #27: Real Exam Question with Answer & Explanation
Sign in or unlock SY0-501 to reveal the answer and full explanation for question #27. The question stem and answer options stay visible for context.
Submitted by sofia.br· Mar 4, 2026
Question
A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
Options
- Atracert
- Bnetstat
- CPing
- Dnslookup
Unlock SY0-501 to see the answer
You've previewed enough free SY0-501 questions. Unlock SY0-501 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.