IS3440 CHAP 14 DETECTING AND RESPONDING TO SECURITY BREACHES Flashcards
COMMAND ___ is known as the disk dump command; it makes a bit-for-bit copy of all data on a partition, volume, or drive (the usual way to take a raw forensic image before any analysis touches the original).
dd
COMMAND ___ is a variation on the dd command intended for damaged media: it keeps copying past read errors (falling back to a smaller block size around the bad area) and, with its -r option, can read a partition, volume, or drive from back to front. It is more error tolerant than dd.
dd_rescue
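The following is an added example and is not part of the flashcard deck: a small shell script that images a source with dd and then verifies the copy by comparing SHA-256 hashes, which is the check an examiner wants before trusting an image. The "partition" it images is a constructed regular file so the script runs anywhere; the temporary directory, the sample content and the file names are assumptions for the demonstration. On a real acquisition the source would be a block device attached read-only (hardware write blocker or `blockdev --setro`), hashed before and after imaging, and the image written to separate media.

```shell
#!/bin/sh
# Added example (not from the flashcards): raw imaging with dd plus hash verification.
# The source here is a constructed file standing in for a partition.
set -u

# make_sample_disk FILE BYTES
# Writes exactly BYTES bytes of deterministic, constructed "evidence" into FILE.
make_sample_disk() {
    yes 'IS3440-sample-evidence-block' | head -c "$2" > "$1"
}

# image_and_verify SRC DEST [BS]
# Copies SRC to DEST with dd, hashes both, stores the image hash beside the image
# in sha256sum -c format, and returns 0 when the hashes match, 1 when they differ,
# 2 when dd itself failed.
image_and_verify() {
    src=$1; dest=$2; bs=${3:-4096}
    # conv=noerror,sync: do not stop at a read error, and pad the unreadable block
    # with zeros so every later offset in the image still lines up with the source.
    # Caveat: sync also pads a final partial block, so source and image hashes only
    # match when the source length is a multiple of BS. That is always true for a
    # whole device (sector-aligned size) but not for an arbitrary file.
    dd if="$src" of="$dest" bs="$bs" conv=noerror,sync 2>/dev/null || return 2
    src_sum=$(sha256sum "$src" | cut -d' ' -f1)
    img_sum=$(sha256sum "$dest" | cut -d' ' -f1)
    printf '%s  %s\n' "$img_sum" "$dest" > "$dest.sha256"
    if [ "$src_sum" = "$img_sum" ]; then
        return 0
    fi
    return 1
}

# Stand-alone demonstration: a 64 KiB sample imaged with a 4 KiB block size.
work=$(mktemp -d)
make_sample_disk "$work/part.img" 65536
rc=0
image_and_verify "$work/part.img" "$work/part.dd" 4096 || rc=$?
case $rc in
    0) echo "image verified: $(cat "$work/part.dd.sha256")" ;;
    1) echo "hash mismatch between source and image" ;;
    *) echo "dd failed" ;;
esac
rm -rf "$work"
```

Re-checking the image later is `sha256sum -c part.dd.sha256`; if the check fails, the image has changed since acquisition and must not be relied on. For dd_rescue the same verification applies, with the difference that the tool is chosen precisely because the source is failing, so a hash of the source taken at a different moment may legitimately differ and the acquisition log of bad blocks becomes part of the record.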
COMMAND ___ is a command that lists the shared libraries used by a specified binary; it needs the path to the target binary rather than just its name. Caveat from its own manual page: never run it on an untrusted executable, because some versions work by invoking the program's dynamic loader, which can execute attacker code; on a suspect binary use `objdump -p` and look at the NEEDED entries instead.
ldd
COMMAND ___ is a pseudo-file that dynamically represents the physical memory (RAM) of the local system in ELF core format; it is readable only by root.
/proc/kcore
COMMAND ___ is a command that synchronizes files from one location to another; may be used in conjunction with SSH.
rsync
COMMAND ___ is a command that traces the system calls used by another command; primarily used for troubleshooting.
strace
COMMAND ___ is a package that tracks RAM and CPU usage on a system over time; its collectors are scheduled by the 'cron' service and the history is read back with sar.
sysstat
COMMAND ___ is a command that lists currently logged-in users together with the process each user is currently running.
w
COMMAND ___ is a command that lists currently logged-in users.
who
___ is an abbreviation for Computer Aided Investigative Environment, a bootable live CD distribution available from http://caine-live.net/.
CAINE
___ is built on Ubuntu Linux. It includes a number of tools for acquiring data from running Microsoft Windows systems.
DEFT
___ is a live CD distribution that incorporates the tools associated with the Sleuth Kit.
Master Key Linux
___ is a system for bug reports on Red Hat distributions.
Red Hat Bugzilla
___ is a package of tools that can be used to save volatile data; intended to be run from read-only media when working on compromised systems, so that the tools themselves cannot have been tampered with.
Sleuth Kit
Which of the following COMMANDS can display the free memory in RAM and in a swap partition? (Select two)
- free
- mem
- top
- swapon
free, top (mem is not a command; swapon lists or activates swap areas but does not report free memory)
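The deck's last cards (w, who, free, and the volatile-data toolkit run from read-only media) describe one procedure: capture the state of a suspect host before it changes, using tools you trust, and record the capture so it can be shown unaltered later. The script below is an added example of that procedure and is not from the flashcards or from the Sleuth Kit. Its assumptions: the trusted tool directories default to /bin:/usr/bin (in a real response, TOOLBIN would point at the mounted read-only media), the output goes to a temporary directory standing in for external media, and the list of commands is a minimal one chosen so the script runs in a plain Linux environment. It deliberately does not copy /proc/kcore; a memory capture is a separate, root-only step sized at the whole of RAM.

```shell
#!/bin/sh
# Added example (not from the flashcards): collect volatile data with tools invoked
# by absolute path from a trusted directory, then hash every artifact.
set -u

# Colon-separated directories holding the trusted tools. Assumption for this demo:
# the system's own /bin and /usr/bin. In an incident, set TOOLBIN to the mount
# point of the read-only media so the suspect system's PATH is never consulted.
TOOLBIN=${TOOLBIN:-/bin:/usr/bin}

# find_tool NAME: print the absolute path of NAME in the first TOOLBIN directory
# that has it; exit 1 if none does. Runs in a subshell so changing IFS is local.
find_tool() (
    IFS=:
    for d in $TOOLBIN; do
        if [ -x "$d/$1" ]; then
            printf '%s\n' "$d/$1"
            exit 0
        fi
    done
    exit 1
)

# collect_volatile OUTDIR: run each listed command, save its output to
# OUTDIR/<command>.txt, then write a SHA-256 manifest of all artifacts.
collect_volatile() {
    out=$1
    mkdir -p "$out" || return 1
    # Ordered roughly by volatility: time and identity first, then users and
    # their processes (the w/who cards), memory (the free card), process table,
    # network sockets, login history.
    for cmd in 'date' 'uname -a' 'who' 'w' 'free' 'ps -ef' 'ss -tunap' 'last'; do
        name=$(printf '%s' "$cmd" | tr ' /' '__')
        tool=${cmd%% *}
        args=${cmd#"$tool"}
        bin=$(find_tool "$tool") || bin=''
        if [ -n "$bin" ]; then
            # $args is intentionally unquoted so "-a" and "-ef" split into words.
            "$bin" $args > "$out/$name.txt" 2>&1 || true
        else
            printf 'tool not present on trusted media: %s\n' "$tool" > "$out/$name.txt"
        fi
    done
    # /proc/meminfo is where free gets its numbers; keep the raw source as well.
    if [ -r /proc/meminfo ]; then
        cat /proc/meminfo > "$out/proc_meminfo.txt"
    fi
    # The manifest lets anyone later prove the artifacts are unchanged.
    (cd "$out" && sha256sum ./*.txt > MANIFEST.sha256)
}

# verify_collection OUTDIR: return 0 only if every artifact still matches the manifest.
verify_collection() (
    cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null 2>&1
)

# Stand-alone demonstration.
demo=$(mktemp -d)
collect_volatile "$demo"
if verify_collection "$demo"; then
    echo "collected and verified artifacts in $demo:"
    cat "$demo/MANIFEST.sha256"
else
    echo "manifest verification failed in $demo"
fi
```

Two design points matter more than the command list. First, every tool is run by absolute path from TOOLBIN, never by bare name, because on a compromised host the PATH and the binaries in it are exactly what an attacker replaces. Second, the manifest is written last and checked with `sha256sum -c`; appending a single byte to any artifact makes verification fail, which is what gives the collection evidentiary value.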