ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 249 discussion

Actual exam question from CompTIA's CS0-002
Question #: 249
Topic #: 1
[All CS0-002 Questions]

A user’s computer has been running slowly when the user tries to access web pages. A security analyst runs the command netstat -aon from the command line and receives the following output:



Which of the following lines indicates the computer may be compromised?

  • A. Line 1
  • B. Line 2
  • C. Line 3
  • D. Line 4
  • E. Line 5
  • F. Line 6
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by mrodmv at Dec. 6, 2022, 12:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TheStudiousPeepz
Highly Voted 2 years, 1 month ago
You DO NOT need to open port 80 or 443 to make web requests. You should only need to open up ports if you plan to have other computers make connections to YOUR computer. Line 3 has 443 open locally. No Bueno. Answer is C.
upvoted 10 times
khrid4
2 years ago
best explanation for this question.
upvoted 1 times
...
...
karpal
Most Recent 1 year, 10 months ago
Selected Answer: C
the host has port 443(https) open and has connection on it. that is not normal for a host to have port https open. this is normal for a web server waiting to get requests from clients. it means there is a web server service started on the host and someone connected TO the host on port 443.
upvoted 1 times
...
opem
2 years, 1 month ago
Selected Answer: C
https://www.examtopics.com/discussions/comptia/view/42513-exam-cs0-002-topic-1-question-53-discussion/
upvoted 3 times
2Fish
2 years, 1 month ago
Agree, and Thanks for the link.
upvoted 1 times
...
...
brollo
2 years, 1 month ago
Is anyone able to provide a more exhaustive explanation why it should be C?
upvoted 1 times
jmccoid
2 years ago
I'd say that if they were giving me one line, it'd have to be the only line that it's serving 443. It's easy to tell the direction of the traffic. Generally, the lower number is the hosting server of the service. Albeit, not EVERY time, but it should mostly ring true for most common ports. It's C because a presumed external IP address has an established connection to our internal IP on 443. It's missing a TON of context but at a glance, that would be my reasoning. Anyone got something better?
upvoted 1 times
...
...
mrodmv
2 years, 4 months ago
Selected Answer: C
agree, the foreign IP looks suspicious
upvoted 1 times
forest111
2 years, 4 months ago
not foreign address but port 443 as source
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago