Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GSNA Topic 6 Question 43 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 43
Topic #: 6
[All GSNA Questions]

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to track the system for user logins. To accomplish the task, you need to analyze the log configuration files. Which of the following Unix log configuration files can you use to

accomplish the task?

Show Suggested Answer Hide Answer
Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \IP address_or_host nameipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.


by Becky at Apr 08, 2024, 09:36 PM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Francine
8 days ago
I'm just here hoping the answer isn't /dev/null. That's where all my brilliant ideas end up!
upvoted 0 times
...
Viva
10 days ago
I bet the /var/log/maillog file would have some useful login information, especially if users are accessing their email through a web interface.
upvoted 0 times
...
Corazon
11 days ago
I'm not sure about this. Can someone explain why /var/log/secure is the correct choice for tracking user logins?
upvoted 0 times
...
Luis
13 days ago
I agree with Mel. /var/log/secure is the right file to track user logins on a Unix-based network.
upvoted 0 times
...
Erasmo
14 days ago
Hah, /var/spool/mail? That's where the actual emails are stored, not the login logs. Come on, we're network admins, not mail clerks!
upvoted 0 times
...
Penney
15 days ago
I'm not sure about that. The /var/log/messages file might be a better option since it contains a more comprehensive log of system activities.
upvoted 0 times
...
Broderick
19 days ago
The /var/log/secure file seems like the obvious choice here. It's where the system records user login and authentication events.
upvoted 0 times
Sherrell
5 days ago
A) /var/log/messages
upvoted 0 times
...
...
Mel
25 days ago
I think the answer is B) /var/log/secure because it contains information about user logins.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77