A technician thinks a customer's computer may have a malware infection and wants to determine whether the computer is in communication with any other machines. Which of the following commands should the technician use?
The netstat command displays active TCP/IP network connections on a computer. It shows current connections between the infected machine and any external IP addresses, which can help the technician detect communication with suspicious or malicious hosts. This is crucial in malware investigations to identify if the system is contacting command and control servers. tracert traces the path to a network host but doesn’t show active connections. net use manages shared resources, net user manages user accounts, and nslookup resolves DNS names but doesn’t show communication. Core 2 tools for network troubleshooting list netstat as vital for identifying network activity related to malware infections.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit