The administrator suspects the system has been compromised and runs the ps command:
615 ? Ss 0:00 /usr/sbin/sshd
624 ? Ss 0:00 /usr/bin/X11/xfs -daemon
707 ? Ss 0:00 /usr/sbin/cron
709 ? Ss 0:00 /usr/.sbin/httpd
775 ? Ss 0:00 /usr/bin/X11/xdm
776 tty1 Ss+ 0:00 /sbin/getty 38400 tty1
Which of the following should be investigated?
A.
The httpd program is not normally in /usr/.sbin.
B.
The xfs process should not be run in daemon modes.
C.
The cron process should have a lower PID (Process ID).
D.
The getty program should not run with 38400 baud.
I choose A