Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CV0-004 Topic 1 Question 17 Discussion

Actual exam question for CompTIA's CV0-004 exam
Question #: 17
Topic #: 1
[All CV0-004 Questions]

The company's IDS has reported an anomaly. The cloud engineer remotely accesses the cloud instance, runs a command, and receives the following information:

Which of the following is the most likely root cause of this anomaly?

Show Suggested Answer Hide Answer
Suggested Answer: A

The output from the 'ps' command indicates there is a process running under the UID (User ID) of 0, which is the root user, and the command that was run is '/var/www/command.py'. Given that the normal Apache processes are running under their own UID (65535), this suggests that a command was executed with root privileges that typically should not have such high-level access. This is a strong indicator of privilege escalation, where an unauthorized user or process gains elevated access to resources that are normally protected from an application or user. Reference: CompTIA Cloud+ Certification Study Guide (Exam CV0-004) by Scott Wilson and Eric Vanderburg


by Nicolette at Aug 24, 2024, 02:34 AM

Limited Time Offer

25%

Off

Get Premium CV0-004 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Antonio
3 months ago
Cryptojacking, huh? Sounds like someone's trying to get rich quick. I'll go with Option C, the most likely culprit.
upvoted 0 times
...
Tarra
3 months ago
I think C) Cryptojacking is also a possibility, especially with the rise of cryptocurrency mining malware.
upvoted 0 times
...
Deonna
3 months ago
Wait, is this a trick question? I'd say the website's been defaced, but that's just me. Option D, please!
upvoted 0 times
Denise
2 months ago
I'm leaning towards privilege escalation. Option A.
upvoted 0 times
...
Robt
2 months ago
I'm not sure, but I think it could be cryptojacking. Option C.
upvoted 0 times
...
Nu
2 months ago
I agree with Nu, leaked credentials seem like a possible cause. Option B.
upvoted 0 times
...
Carline
2 months ago
I think it might be leaked credentials. Option B.
upvoted 0 times
...
Tawna
3 months ago
I agree with Tawna. Leaked credentials seems like the most likely root cause.
upvoted 0 times
...
Giuseppe
3 months ago
I think it's actually leaked credentials. Option B.
upvoted 0 times
...
...
Elise
3 months ago
I believe it could also be A) Privilege escalation, as that can lead to unauthorized access.
upvoted 0 times
...
Sherita
3 months ago
I agree with Elizabeth, leaked credentials could definitely cause this anomaly.
upvoted 0 times
...
Elizabeth
3 months ago
I think the most likely root cause is B) Leaked credentials.
upvoted 0 times
...
Mila
4 months ago
This reminds me of that time I tried to hack into my neighbor's Wi-Fi to stream the big game. Definitely going with Option C on this one.
upvoted 0 times
...
Jamie
4 months ago
I'm guessing the cloud engineer found some leaked creds that are being used for nefarious purposes. Option B seems legit.
upvoted 0 times
Abel
3 months ago
C) Cryptojacking
upvoted 0 times
...
Isidra
3 months ago
B) Leaked credentials
upvoted 0 times
...
Dawne
3 months ago
A) Privilege escalation
upvoted 0 times
...
...
Torie
4 months ago
Hmm, looks like someone's trying to mine some crypto on the company's dime. Option C is the way to go here.
upvoted 0 times
Chantay
3 months ago
Let's tighten our security measures to prevent this from happening again.
upvoted 0 times
...
Rosamond
3 months ago
We need to address this issue immediately.
upvoted 0 times
...
Kristel
3 months ago
Definitely, that's a clear case of cryptojacking.
upvoted 0 times
...
Emerson
3 months ago
I think someone is trying to mine crypto on our company's cloud instance.
upvoted 0 times
...
...

Save Cancel