Logical Operations Exam CFR-210 Topic 2 Question 58 Discussion

Actual exam question for Logical Operations's CFR-210 exam

Question #: 58
Topic #: 2

A DMZ web server has been compromised. During the log review, the incident responder wants to parse all common internal Class A addresses from the log. Which of the following commands should the responder use to accomplish this?

Agrep --x''(10.[0-9]+.[0-9]+.[0-9]+)'' etc/rc.d/apache2/access.log | output.txt

Bgrep --x''(192.168.[0.9]+[0-9])'' bin/apache2/access.log | output.txt

Cgrep --v''(10.[0-9]+.[0-9]+.[0-9]+)'' /var/log/apache2/access.log > output.txt

Dgrep --v''(192.168.[0.9]+[0-9]+)'' /var/log/apache2/access.log > output.txt

Show Suggested Answer

Suggested Answer: C

by Eun at Mar 08, 2024, 10:54 AM

Limited Time Offer

25%

Off

Get Premium CFR-210 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Laquita

8 months ago

Jesus, D is not correct because it's looking for addresses in the 192.168.x.x range, not the internal Class A range.

upvoted 0 times

...

Jesus

9 months ago

I'm not sure, but I think D might also work by excluding Class A addresses in 192.168.x.x range.

upvoted 0 times

...

Esteban

9 months ago

I agree with Laquita, C seems like the correct option to filter out internal Class A addresses.

upvoted 0 times

...

Laquita

9 months ago

I think the right command is C, because it uses the -v option to exclude Class A addresses in 10.x.x.x range.

upvoted 0 times

...