Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GSNA Topic 6 Question 43 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 43
Topic #: 6
[All GSNA Questions]

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to track the system for user logins. To accomplish the task, you need to analyze the log configuration files. Which of the following Unix log configuration files can you use to

accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \IP address_or_host nameipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.


by Becky at Apr 08, 2024, 09:36 PM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Francine
2 months ago
I'm just here hoping the answer isn't /dev/null. That's where all my brilliant ideas end up!
upvoted 0 times
Alesia
22 days ago
D) /var/log/maillog
upvoted 0 times
...
Vesta
28 days ago
C) /var/spool/mail
upvoted 0 times
...
Desmond
1 months ago
B) /var/log/secure
upvoted 0 times
...
Mee
2 months ago
A) /var/log/messages
upvoted 0 times
...
...
Viva
2 months ago
I bet the /var/log/maillog file would have some useful login information, especially if users are accessing their email through a web interface.
upvoted 0 times
Britt
28 days ago
I agree, /var/log/maillog would be a good place to check for login information related to email access.
upvoted 0 times
...
Sharee
1 months ago
D) /var/log/maillog
upvoted 0 times
...
Ciara
1 months ago
C) /var/spool/mail
upvoted 0 times
...
Lasandra
1 months ago
B) /var/log/secure
upvoted 0 times
...
Francesco
1 months ago
A) /var/log/messages
upvoted 0 times
...
...
Corazon
2 months ago
I'm not sure about this. Can someone explain why /var/log/secure is the correct choice for tracking user logins?
upvoted 0 times
...
Luis
2 months ago
I agree with Mel. /var/log/secure is the right file to track user logins on a Unix-based network.
upvoted 0 times
...
Erasmo
2 months ago
Hah, /var/spool/mail? That's where the actual emails are stored, not the login logs. Come on, we're network admins, not mail clerks!
upvoted 0 times
...
Penney
2 months ago
I'm not sure about that. The /var/log/messages file might be a better option since it contains a more comprehensive log of system activities.
upvoted 0 times
...
Broderick
2 months ago
The /var/log/secure file seems like the obvious choice here. It's where the system records user login and authentication events.
upvoted 0 times
Louisa
1 months ago
D) /var/log/maillog
upvoted 0 times
...
Laurel
2 months ago
C) /var/spool/mail
upvoted 0 times
...
Leah
2 months ago
B) /var/log/secure
upvoted 0 times
...
Sherrell
2 months ago
A) /var/log/messages
upvoted 0 times
...
...
Mel
3 months ago
I think the answer is B) /var/log/secure because it contains information about user logins.
upvoted 0 times
...

Save Cancel