Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 300-215 Topic 8 Question 69 Discussion

Actual exam question for Cisco's 300-215 exam
Question #: 69
Topic #: 8
[All 300-215 Questions]

An organization uses a Windows 7 workstation for access tracking in one of their physical data centers on which a guard documents entrance/exit activities of all personnel. A server shut down unexpectedly in this data center, and a security specialist is analyzing the case. Initial checks show that the previous two days of entrance/exit logs are missing, and the guard is confident that the logs were entered on the workstation. Where should the security specialist look next to continue investigating this case?

Show Suggested Answer Hide Answer
Suggested Answer: C, E

by Flo at Feb 14, 2024, 01:48 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Alverta
2 months ago
The security specialist should check the CurrentUser registry key. That's where all the important stuff is hidden, right?
upvoted 0 times
Tasia
6 days ago
Yes, that's the correct registry key to check for the entrance/exit logs.
upvoted 0 times
...
Niesha
7 days ago
C) HKEY_CURRENT_USER\\Software\\Classes\\Winlog
upvoted 0 times
...
Lai
8 days ago
No, that's not the right place to look. Try again.
upvoted 0 times
...
Jillian
1 months ago
A) HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsNT\\CurrentVersion\\Winlogon
upvoted 0 times
...
...
Joesph
2 months ago
Haha, I bet the guard was too busy chatting with visitors to properly log the entrance/exit activities. Good luck finding those missing logs!
upvoted 0 times
...
Pansy
2 months ago
This is a classic case of missing data! I bet the security specialist will find the logs in the Winlogon registry key. That's where I'd start looking.
upvoted 0 times
Eden
1 months ago
I think the security specialist should definitely start by investigating the HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsNT\\CurrentVersion\\Winlogon registry key.
upvoted 0 times
...
Aretha
1 months ago
I agree, the Winlogon registry key seems like the most logical place to check for the missing logs.
upvoted 0 times
...
Diane
1 months ago
Let's hope the security specialist finds the necessary information there to solve this case.
upvoted 0 times
...
Karina
1 months ago
I agree, the Winlogon registry key seems like the most logical place to check for the missing logs.
upvoted 0 times
...
...
Micaela
2 months ago
Hmm, I'm not sure the logs would be stored in the registry. Maybe the security specialist should look for log files in the file system instead.
upvoted 0 times
...
Lorrine
2 months ago
The missing logs are definitely in the registry. I'd start by checking the ProfileList to see if the logs were stored in a user profile.
upvoted 0 times
...
Quinn
2 months ago
I'm not sure, but maybe the security specialist should also consider looking at B) HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsNT\\CurrentVersion\\ProfileList for any clues.
upvoted 0 times
...
Tamesha
2 months ago
I agree with Ezekiel, checking the Winlogon registry key could provide valuable information about the missing logs.
upvoted 0 times
...
Ezekiel
3 months ago
I think the security specialist should look at A) HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\WindowsNT\\CurrentVersion\\Winlogon next.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77