Which intrusion category is suggested by short or incomplete logs, unusually slow system performance, missing logs or incorrect permissions, modifications to system software, unusual displays, gaps in accounting, system crashes, and unfamiliar processes?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which intrusion category is suggested by short or incomplete logs, unusually slow system performance, missing logs or incorrect permissions, modifications to system software, unusual displays, gaps in accounting, system crashes, and unfamiliar processes?

Explanation:
These symptoms point to compromise at the host itself—the system and its software have been affected. Short or incomplete logs, missing logs, or incorrect permissions suggest log tampering to hide activity. Modifications to system software, unfamiliar processes, and unusual displays indicate persistence and execution of rogue code within the operating environment. Gaps in accounting and system crashes show that the integrity and stability of the host are being affected, not just access over the network. Unusually slow performance can result from malware consuming resources or kernel-level tampering. Network intrusions focus on attacking or exploiting traffic and resources across networks, not on altering the host’s internal state. File system intrusions involve tampering with files themselves, whereas the broader range of host symptoms here points to a system-level compromise. Protocol anomaly detection deals with unusual network protocol behavior rather than the host’s operating environment.

