You have been asked to help investigate and ongoing security incident. Your manager has asked you to determine if there are any unknown or unexpected network connections on a public facing server that hosts the organization's website. After logging onto the Windows based machine, what command would you use to determine this?
Correct Incorrect Unanswered Report Issue Answer Description
Netstat
is a command line tool available on Windows operating systems that provides information about the current state of the machine's network, including any open TCP connections.
Wikipedia
In computing, netstat (network statistics) is a command-line network utility that displays network connections for Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics. It is available on Unix, Plan 9, Inferno, and Unix-like operating systems including macOS, Linux, Solaris and BSD. It is also available on IBM OS/2 and on Microsoft Windows NT-based operating systems including Windows XP, Windows Vista, Windows 7, Windows 8 and Windows 10.
It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement. On Linux this program is mostly obsolete, although still included in many distributions.
On Linux, netstat (part of "net-tools") is superseded by ss (part of iproute2). The replacement for netstat -r is ip route, the replacement for netstat -i is ip -s link, and the replacement for netstat -g is ip maddr, all of which are recommended instead.
Netstat - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time