Exam CFR-310 topic 1 question 53 discussion

Actual exam question from CertNexus's CFR-310
Question #: 53
Topic #: 1

A security operations center (SOC) analyst observed an unusually high number of login failures on a particular database server. The analyst wants to gather supporting evidence before escalating the observation to management. Which of the following expressions will provide login failure data for 11/24/2015?

  • A. grep 20151124 security_log | grep -c "login failure"
  • B. grep 20150124 security_log | grep "login_failure"
  • C. grep 20151124 security_log | grep "login"
  • D. grep 20151124 security_log | grep -c "login"
Suggested Answer: C

Comments

044f354
2 months, 4 weeks ago
Selected Answer: A
A: grep 20151124 security_log | grep -c "login failure"

Summary of the Command:

  • grep 20151124 security_log : Find all log entries from November 24, 2015.
  • | : Pipe that output into another grep command.
  • grep -c "login failure" : Count how many times the phrase "login failure" appears in the filtered log entries from that day.

The result of this command will be the total number of "login failure" events that occurred on November 24, 2015, which helps the SOC analyst assess the volume of failed login attempts for that day.
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
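
Added example (not part of the original page or its comments): the four answer options run against a constructed log, so the output of each can be compared. It assumes every line of security_log starts with a YYYYMMDD date, and it adds an anchored variant that is not one of the options, because an unanchored date pattern matches that string anywhere in a line.

```shell
#!/bin/sh
# Added example. The log lines and their format are constructed for
# illustration; a real security_log may be laid out differently.

make_log() {   # write the constructed sample log to the path given in $1
  cat > "$1" <<'EOF'
20151124 08:01:12 db01 login failure user=alice src=10.0.0.5
20151124 08:01:15 db01 login failure user=alice src=10.0.0.5
20151124 08:02:40 db01 login success user=bob src=10.0.0.9
20151124 09:14:03 db01 logout user=bob
20151124 09:30:00 db01 login failure user=root src=10.0.0.7
20150124 11:00:00 db01 login_failure user=carol src=10.0.0.8
20151125 00:00:01 db01 login failure user=alice ref=20151124
EOF
}

# The four options from the question, with the file name as a parameter.
option_a() { grep 20151124 "$1" | grep -c "login failure"; }  # prints a count
option_b() { grep 20150124 "$1" | grep "login_failure"; }     # different date
option_c() { grep 20151124 "$1" | grep "login"; }             # prints lines
option_d() { grep 20151124 "$1" | grep -c "login"; }          # prints a count

# Not one of the options: match the date only where the assumed format
# puts it (start of line), and keep the matching lines as evidence.
anchored_failures() { grep '^20151124 ' "$1" | grep "login failure"; }

LOG=$(mktemp)
make_log "$LOG"

echo "A (count of 'login failure' lines): $(option_a "$LOG")"
echo "B (lines):"; option_b "$LOG"
echo "C (lines, includes 'login success'):"; option_c "$LOG"
echo "D (count of 'login' lines): $(option_d "$LOG")"
echo "Anchored date, failures only:"; anchored_failures "$LOG"

rm -f "$LOG"
```

With -c, grep prints only the number of matching lines; without it, the matching lines themselves are printed. The 20151125 entry is picked up by every unanchored `grep 20151124` because the string appears in its ref= field.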