Eccouncil 312-39 Exam - Topic 7 Question 117 Discussion

Actual exam question for Eccouncil's 312-39 exam

Question #: 117
Topic #: 7

[All 312-39 Questions]

Which of the following command is used to view iptables logs on Ubuntu and Debian distributions?

A$ tailf /var/log/sys/kern.log

B$ tailf /var/log/kern.log

C# tailf /var/log/messages

D# tailf /var/log/sys/messages

Show Suggested Answer

Suggested Answer: B

In Ubuntu and Debian distributions, the command to view iptables logs is$ tailf /var/log/kern.log. This command allows you to follow the end of the kernel log file in real-time. It is useful for monitoring the logs as they are updated. Thetailfcommand is similar totail -f, and it displays the last ten lines of the file by default and then outputs appended data as the file grows.

References: The answer is verified according to the EC-Council's Certified SOC Analyst (CSA) course materials and study guides, which cover the practical aspects of security operations and incident handling, including the monitoring of systems and logs123.

by Lorean at Apr 02, 2026, 01:59 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Martin

3 days ago

I think the command to view iptables logs is related to syslog, but I can't remember if it's kern.log or messages.

upvoted 0 times

...