GIAC Exam GSNA Topic 6 Question 43 Discussion

Actual exam question for GIAC's GSNA exam

Question #: 43
Topic #: 6

[All GSNA Questions]

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to track the system for user logins. To accomplish the task, you need to analyze the log configuration files. Which of the following Unix log configuration files can you use to

accomplish the task?

A/var/log/messages

B/var/log/secure

C/var/spool/mail

D/var/log/maillog

Show Suggested Answer

Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \IP address_or_host nameipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.

by Becky at Apr 08, 2024, 09:36 PM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Mel

5 days ago

I think the answer is B) /var/log/secure because it contains information about user logins.

upvoted 0 times

...