Exam CFR-310 topic 1 question 53 discussion

Actual exam question from CertNexus's CFR-310

Question #: 53
Topic #: 1

A security operations center (SOC) analyst observed an unusually high number of login failures on a particular database server. The analyst wants to gather supporting evidence before escalating the observation to management. Which of the following expressions will provide login failure data for 11/24/2015?

A. grep 20151124 security_log | grep –c “login failure”
B. grep 20150124 security_log | grep “login_failure”
C. grep 20151124 security_log | grep “login”
D. grep 20151124 security_log | grep –c “login”

Show Suggested Answer

Suggested Answer: C 🗳️

by 044f354 at Sept. 29, 2024, 7:59 p.m.

Comments

Submit Cancel

044f354

1 month, 3 weeks ago

Selected Answer: A

A: grep 20151124 security_log | grep -c "login failure" Summary of the Command: grep 20151124 security_log : Find all log entries from November 24, 2015. | : Pipe that output into another grep command. grep -c "login failure" Count how many times the phrase "login failure" appears in the filtered log entries from that day. The result of this command will be the total number of "login failure" events that occurred on November 24, 2015, which helps the SOC analyst assess the volume of failed login attempts for that day.

upvoted 1 times

...

Exam CFR-310 All Questions

View all questions & answers for the CFR-310 exam

Exam CFR-310 topic 1 question 53 discussion

Comments

044f354

Get IT Certification

New Version GCP Professional Cloud Architect Certificate & Helpful Information

The 5 Most In-Demand Project Management Certifications of 2019