Discovery Methodology Flashcards

1
Q

What event ID is generated when an attempt is made to install a service?

A

4697

2
Q

What command will look to see what other machines have an open session?

A

Netstat

3
Q

In Linux, if you wanted to show the first 8 lines of the file test.csv, what command would you run?

A

head -n 8 test.csv

4
Q

What does SED stand for?

A

Stream Editor

5
Q

In Windows, what command will look for any listening activity on ports?

A

netstat -aon

6
Q

What is a common command line rootkit detector that you can run from Windows Command Line?

A

Haxorcito’s Rootkit Detector

7
Q

In Linux, if you wanted to know how many lines were in the file test.csv, what command would you run?

A

wc -l test.csv

8
Q

In Linux, what log stores failed login attempts?

A

/var/log/auth.log
