Discovery Methodology Flashcards
1
Q
What event ID is generated when an attempt is made to install a service?
A
4697
2
Q
What command will look to see what other machines have an open session?
A
Netstat
3
Q
In Linux, if you wanted to show the first 8 lines of the file test.csv, what command would you run?
A
head -n 8 test.csv
4
Q
What does SED stand for?
A
Stream Editor
5
Q
In Windows, what command will look for any listening activity on ports?
A
netstat -aon
6
Q
What is a common command line rootkit detector that you can run from Windows Command Line?
A
Haxorcito’s Rootkit Detector
7
Q
In Linux, if you wanted to know how many lines were in the file test.csv, what command would you run?
A
wc -l test.csv
8
Q
In Linux, what log stores failed login attempts?
A
/var/log/auth.log