Based on some old siem alerts, you have been asked to perform some forensic analysis on a particular host. you have noticed that some ssl network connections are occurring over ports other than port 443. additionally, the siem alerts state that copies of svchost. exe and cmd. exe have been found in the %temp% folder on the host, as well as showing that rdp connections have previously connected with an ip address that is external to the corporate intranet. what threat might you have uncovered during your analysis?

i think the answer is b.

answerlibraries;

a  social news website  is an  internet  website  that features  user-posted stories. such stories are ranked based on popularity, as voted on by other users of the site or by website administrators. users typically comment online on the news posts and these comments may also be ranked in popularity. since their emergence with the birth of  web 2.0, social news sites have been used to link many types of information, including news, humor, support, and discussion. all such websites allow the users to submit content and each site differs in how the content is moderated. on the  slashdot  and  fark  websites,  administrators  decide which articles are selected for the front page. on  reddit  and  digg, the articles that get the most votes from the community of users will make it to the front page. many social news websites also feature an online comment system, where users discuss the issues raised in an article. some of these sites have also applied their voting system to the comments, so that the most popular comments are displayed first. some social news websites also have a  social networking  function, in that users can set up a user profile and follow other users' online activity on the website.