gz on a Linux system while doing an investigation, what can you conclude?

If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?

If you see the files Zer0.tar.gz and copy.tar.gz on a Linux system while doing an investigation, what can you conclude?

A.
The system files have been copied by a remote attacker

B.
The system administrator has created an incremental backup

C.
The system has been compromised using a t0rnrootkit

D.
Nothing in particular as these can be operational files



Leave a Reply 0

Your email address will not be published. Required fields are marked *