Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-82 Exam - Topic 3 Question 22 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 22
Topic #: 3
[All 212-82 Questions]

Gideon, a forensic officer, was examining a victim's Linux system suspected to be involved in online criminal activities. Gideon navigated to a directory containing a log file that recorded information related to user login/logout. This information helped Gideon to determine the current login state of cyber criminals in the victim system, identify the Linux log file accessed by Gideon in this scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

/var/log/wtmp is the Linux log file accessed by Gideon in this scenario. /var/log/wtmp is a log file that records information related to user login/logout, such as username, terminal, IP address, and login time. /var/log/wtmp can be used to determine the current login state of users in a Linux system. /var/log/wtmp can be viewed using commands such as last, lastb, or utmpdump1.


by Felix at Feb 14, 2024, 04:01 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Marleen
4 months ago
Nope, definitely not /var/log/httpd, that's for web server logs!
upvoted 0 times
...
Matthew
4 months ago
Surprised it's not /var/log/syslog, that seems more common.
upvoted 0 times
...
Sonia
4 months ago
I thought it was /var/log/auth.log?
upvoted 0 times
...
Sanda
5 months ago
Yeah, I agree with that!
upvoted 0 times
...
Flo
5 months ago
Pretty sure it's /var/log/wtmp for login/logout info.
upvoted 0 times
...
Cordell
5 months ago
I thought /var/log/httpd was more for web server logs, so I'm leaning towards /var/log/wtmp or /var/log/auth.log for user activity.
upvoted 0 times
...
Fidelia
5 months ago
I feel like /var/log/wtmp could be the right answer since it tracks login sessions, but I can't recall if it's the only one used for this purpose.
upvoted 0 times
...
Minna
5 months ago
I remember practicing a similar question, and I think the correct log file might be related to authentication, possibly /var/log/auth.log?
upvoted 0 times
...
Jannette
6 months ago
I think the log file for user login/logout information is usually found in the /var/log directory, but I'm not sure which specific file it is.
upvoted 0 times
...
Celestina
6 months ago
Hmm, this is a tough one. I'm not entirely sure which log file is the correct answer, but I'll make my best guess and hope for the best.
upvoted 0 times
...
Hoa
6 months ago
Alright, let's see. The question mentions a Linux system and login/logout information, so I'm going to go with /var/log/wtmp. That seems like the most logical choice based on the details provided.
upvoted 0 times
...
Sherell
6 months ago
I'm a bit confused here. The question talks about a victim's system, but the log file options don't seem to match that context. I'll need to re-read this carefully.
upvoted 0 times
...
Yoko
6 months ago
Okay, I think I've got this. The question mentions a Linux system and login/logout information, so I'm guessing the correct answer is /var/log/wtmp.
upvoted 0 times
...
Luis
6 months ago
Hmm, this seems like a tricky one. I'll need to carefully review the information provided and think through the different log file options.
upvoted 0 times
...
Xenia
6 months ago
This question seems straightforward, but I want to double-check the criteria for determining control of a non-U.S. corporation. Let me think through the options carefully.
upvoted 0 times
...
Darrel
6 months ago
This seems like a pretty straightforward question. I'd go with option C - setting the project's purpose, mission, and vision. That's a critical first step to get everyone aligned before diving into the details.
upvoted 0 times
...
Carlee
2 years ago
I would choose /var/log/httpd/ as well, it makes the most sense in this scenario
upvoted 0 times
...
Marla
2 years ago
I agree with Dominque, because HTTPD logs typically contain user login/logout information
upvoted 0 times
...
Dominque
2 years ago
I think the Linux log file accessed by Gideon is /var/log/httpd/
upvoted 0 times
...

Save Cancel