34,453 views
12 votes
12 votes
Consider a scenario where you are a security analyst for a Linux-based system. You see a user called gamma running a process called exploreallfiles that is not authorized on the system.

User Matthijs P
by
2.8k points

1 Answer

27 votes
27 votes

Answer:

There are a few steps that could be taken to investigate this scenario:

1. Check the process list to see what exploreallfiles is doing. This can be done with the "ps" command.

2. Check the system logs to see if there are any entries related to exploreallfiles. This can be done with the "grep" command.

3. Check the file permissions on exploreallfiles to see if the user gamma has the appropriate permissions to run it. This can be done with the "ls" command.

4. If necessary, escalate the issue to a higher level of authority to take appropriate action.

User Alejandro Zuleta
by
3.4k points