A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666.
Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A . tracert
B . netstat
C . Ping
D . nslookup
Answer: B
Latest SY0-501 Dumps Valid Version with 1130 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund