Practice Test Question-Log Analysis


Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Gary is conducting an incident investigation and would like to detect attempts to connect to a server over an RDP connection. What logs would be least likely to contain this information?

A. System Logs

B. Security Logs

C. Netflow Logs

D. Database Logs

Correct Answer: D

Gary may find relevant information in the system and security logs because the login attempts would likely be tracked by the operating system in those locations. Netflow records may also contain details of the traffic flow to the server. There is no database involved in an RDP connection, so database logs are not likely to contain useful information.


Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
