Logical Operations Exam CFR-210 Topic 8 Question 67 Discussion

Actual exam question for Logical Operations's CFR-210 exam

Question #: 67
Topic #: 8

A DMZ web server has been compromised. During the log review, the incident responder wants to parse all common internal Class A addresses from the log. Which of the following commands should the responder use to accomplish this?

Agrep --x''(10.[0-9]+.[0-9]+.[0-9]+)'' etc/rc.d/apache2/access.log | output.txt

Bgrep --x''(192.168.[0.9]+[0-9])'' bin/apache2/access.log | output.txt

Cgrep --v''(10.[0-9]+.[0-9]+.[0-9]+)'' /var/log/apache2/access.log > output.txt

Dgrep --v''(192.168.[0.9]+[0-9]+)'' /var/log/apache2/access.log > output.txt

Show Suggested Answer

Suggested Answer: C

by Deja at Jul 02, 2024, 05:31 AM

Limited Time Offer

25%

Off

Get Premium CFR-210 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ryan

11 months ago

I agree with Britt, option C seems to be the most appropriate for parsing Class A addresses.

upvoted 0 times

...

Otis

11 months ago

Haha, I bet the incident responder is going to have a field day with all those IP addresses in the logs. Time to get their grep on!

upvoted 0 times

Willow

10 months ago

C) grep --v''(10.[0-9]+.[0-9]+.[0-9]+)'' /var/log/apache2/access.log > output.txt

upvoted 0 times

...

Devora

10 months ago

A) grep --x''(10.[0-9]+.[0-9]+.[0-9]+)'' etc/rc.d/apache2/access.log | output.txt

upvoted 0 times

...

Britt

11 months ago

But option C uses the correct syntax to exclude Class A addresses.

upvoted 0 times

...

Elouise

11 months ago

Wait, is the regex in option B even valid? I'm not sure that's going to work as expected.

upvoted 0 times

...

Lindy

11 months ago

I think option A is the way to go. The regex looks correct, and it's redirecting the output to a file.

upvoted 0 times

Amina

10 months ago

Let's go with option A then, it seems to be the consensus.

upvoted 0 times

...

Shenika

10 months ago

It's good that the output is being redirected to a file in option A.

upvoted 0 times

...

Magnolia

10 months ago

I think so too, the regex pattern in option A looks accurate.

upvoted 0 times

...

Moon

10 months ago

I agree, option A seems like the right choice.

upvoted 0 times

...

Leeann

11 months ago

I disagree, I believe option D is the right one.

upvoted 0 times

...

Britt

11 months ago

I think the correct command is option C.

upvoted 0 times

...

Audra

11 months ago

Option C looks good, it's using the right regex to filter out the internal Class A addresses from the log file.

upvoted 0 times

Lashaunda

11 months ago

Yeah, it uses the right regex pattern to filter out the internal Class A addresses.

upvoted 0 times

...

Tayna

11 months ago

I think option C is the correct one.

upvoted 0 times

...