Certified Incident Handler (ECIH) — Question 36

RAT has been setup in one of the machines connected to the network to steal the important Sensitive corporate docs located on Desktop of the server, further investigation revealed the IP address of the server 20.20.10.26. Initiate a remote connection using thief client and determine the number of files present in the folder.
Hint: Thief folder is located at: Z:\CCT-Tools\CCT Module 01 Information Security Threats and Vulnerabilities\Remote Access Trojans (RAT)\Thief of Attacker Machine-1.

Answer options

• A. 2
• B. 4
• C. 3
• D. 5

Correct answer: C

Explanation

The correct answer is C, as there are 3 files in the specified folder according to the task. Options A, B, and D are incorrect because they do not reflect the actual number of files present in the Thief folder.