GIAC GSNA Exam - Topic 4 Question 78 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 78
Topic #: 4

You are the Network Administrator for a software development company. Your company creates various utilities and tools. You have noticed that some of the files your company creates are getting deleted from systems. When one is deleted, it seems to be deleted from all the computers on your network. Where would you first look to try and diagnose this problem?

Suggested Answer: A

Check the antivirus log and see if it is detecting your file as a virus and deleting it. All antivirus programs have a certain rate of false positives.

Since the file is being deleted from all computers, it seems likely that your antivirus has mistakenly identified that file as a virus.

Answer D is incorrect. The firewall log can help you identify traffic entering or leaving your network, but won't help with files being deleted.

Answer B is incorrect. An IDS log would help you identify possible attacks, but this scenario is unlikely to be from an external attack.

Answer C is incorrect. Your system log can only tell you what is happening on that individual computer.


Contribute your Thoughts:

Mauricio
2 months ago
I think System log is best. Need to see what’s happening on each machine.
upvoted 0 times
...
Lisha
2 months ago
Firewall log? Not sure it’s relevant, but worth a look.
upvoted 0 times
...
Vincent
2 months ago
IDS log could help too. Might catch any unauthorized access.
upvoted 0 times
...
Scarlet
2 months ago
I’d go for the System log. It shows all file activities.
upvoted 0 times
...
Minna
2 months ago
I agree, Antivirus log makes sense. Files disappearing is suspicious.
upvoted 0 times
...
Aron
2 months ago
I’d check the Antivirus log first. Could be a false positive.
upvoted 0 times
...
Lorrine
3 months ago
Firewall log? Nah, I doubt that would help much.
upvoted 0 times
...
Hillary
3 months ago
Wait, files deleting from all computers? That’s weird!
upvoted 0 times
...
Valentin
3 months ago
System log seems like a solid choice too.
upvoted 0 times
...
Hyun
4 months ago
The antivirus log, huh? I bet the files were actually deleted by the janitor who was tired of all those "useless" programs cluttering up the computers.
upvoted 0 times
...
Odette
4 months ago
Firewall log? Really? How would that help diagnose a file deletion issue? Clearly, the system log is the way to go.
upvoted 0 times
...
Cristen
4 months ago
Definitely the IDS log. Sounds like a hacker is targeting your company's files. Time to call in the cyber security experts!
upvoted 0 times
...
Kimberlie
4 months ago
I'd start with the system log. Seems like a permissions issue or some kind of automated cleanup process gone wrong.
upvoted 0 times
...
Francesco
4 months ago
The antivirus log is the obvious choice here. Those pesky files are probably getting flagged as malware and deleted automatically.
upvoted 0 times
...
Stephanie
4 months ago
The firewall log seems less likely to help with file deletions, but I guess it could show if there are any unusual access patterns.
upvoted 0 times
...
Skye
5 months ago
I feel like the system log might give some insights into file deletions, but I’m not confident if it would show the cause.
upvoted 0 times
...
Shawnda
5 months ago
I remember a practice question where the IDS log was crucial for identifying unauthorized access. Maybe that could help here too?
upvoted 0 times
...
Billye
5 months ago
This seems like a network-level problem, so I'd probably go straight to the IDS log. That should give me some insight into any unauthorized access or suspicious traffic that could be causing the file deletions.
upvoted 0 times
...
Keith
5 months ago
Okay, I think I've got a strategy here. Since the files are being deleted across the network, the issue is likely happening at a system-wide level. I'd start with the system log to see if there are any error messages or suspicious activity.
upvoted 0 times
...
Fausto
5 months ago
I think I would start with the antivirus log since it could be deleting files it sees as threats, but I'm not entirely sure.
upvoted 0 times
...
Lynelle
6 months ago
I think the IDS log could be more relevant here.
upvoted 0 times
...
Mariko
6 months ago
I'd check the antivirus log first. Sounds like a malware issue.
upvoted 0 times
...
Noel
6 months ago
I'm a bit confused on this one. Should I be looking at the antivirus log or the firewall log first? I want to make sure I'm covering all my bases.
upvoted 0 times
...
Carmelina
6 months ago
Hmm, this seems like a tricky one. I'd probably start by checking the system logs to see if there are any clues about what's causing the file deletions.
upvoted 0 times
Lucina
30 days ago
I’d still lean towards the system logs first. They usually have the most info.
upvoted 0 times
...
Marla
1 month ago
IDS logs might show if there's any suspicious activity.
upvoted 0 times
...
Arlette
1 month ago
But what about the antivirus log? It could be deleting them.
upvoted 0 times
...
Renay
5 months ago
I think checking the system logs is a good idea.
upvoted 0 times
...
Clorinda
6 months ago
Firewall logs could help too, just in case there's an external threat.
upvoted 0 times
...
...
