GIAC Exam GSNA Topic 6 Question 43 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 43
Topic #: 6

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to track the system for user logins. To accomplish the task, you need to analyze the log configuration files. Which of the following Unix log configuration files can you use to accomplish the task?

Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \\IP address_or_host name\ipc$ "" "/user:"

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.


Contribute your Thoughts:

Viva
20 hours ago
I bet the /var/log/maillog file would have some useful login information, especially if users are accessing their email through a web interface.
upvoted 0 times
...
Corazon
2 days ago
I'm not sure about this. Can someone explain why /var/log/secure is the correct choice for tracking user logins?
upvoted 0 times
...
Luis
4 days ago
I agree with Mel. /var/log/secure is the right file to track user logins on a Unix-based network.
upvoted 0 times
...
Erasmo
5 days ago
Hah, /var/spool/mail? That's where the actual emails are stored, not the login logs. Come on, we're network admins, not mail clerks!
upvoted 0 times
...
Penney
6 days ago
I'm not sure about that. The /var/log/messages file might be a better option since it contains a more comprehensive log of system activities.
upvoted 0 times
...
Broderick
10 days ago
The /var/log/secure file seems like the obvious choice here. It's where the system records user login and authentication events.
upvoted 0 times
...
Mel
16 days ago
I think the answer is B) /var/log/secure because it contains information about user logins.
upvoted 0 times
...