Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

GAQM Exam CPEH-001 Topic 7 Question 42 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 42
Topic #: 7
[All CPEH-001 Questions]

After studying the following log entries, how many user IDs can you identify that the attacker has tampered with?

1. mkdir -p /etc/X11/applnk/Internet/.etc

2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd

3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd

4. touch -acmr /etc /etc/X11/applnk/Internet/.etc

5. passwd nobody -d

6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash

7. passwd dns -d

8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd

9. touch -acmr /etc/X11/applnk/Internet/.etc /etc

Show Suggested Answer Hide Answer
Suggested Answer: C

Passwd is the command used to modify a user password and it has been used together with the usernames nobody and dns.


Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77