See if you can answer this sample Security+ question?
Q. Network administrators identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of services from the standard image, you verify this application is very likely the problem. What process allowed you to make this determination?
A. Banner grabbing
B. Hardening
C. Whitelisting
D. Baselining
More, do you know why the correct answer is correct and the incorrect answers are incorrect? See the full explanation and the correct answer here.
