Practice Test Question - Logging

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Harry believes that an employee of his organization launched a privilege escalation attack to gain root access on one of the organization’s database servers. The employee does have an authorized user account on the server. What log file would be most likely to contain relevant information?

A. Database Application Log
B. Firewall Log
C. Operating System Log
D. IDS Log

Correct Answer: C

A privilege escalation attack takes place against the operating system, and information relevant to this attack is most likely found in the operating system logs. It is unlikely that the database application itself would be involved, so that application’s logs would probably not contain relevant information. The user has authorized access to the system, so the firewall and IDS logs would simply show that authorized access taking place.
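As an added illustration (not part of the original question), the Python below scans operating system authentication log lines for attempts by a named account to become root. It assumes a Linux host with syslog-style sudo and su entries; the sample lines, the host name db01 and the accounts alice and bob are constructed.

```python
import re

# Constructed sample lines in the common Linux auth-log (syslog) layout.
SAMPLE_LOG = """\
Mar  3 10:13:00 db01 sshd[2211]: Accepted publickey for alice from 10.0.0.5 port 50122 ssh2
Mar  3 10:13:30 db01 su: pam_unix(su:auth): authentication failure; logname=alice uid=1001 euid=0 tty=pts/0 ruser=alice rhost=  user=root
Mar  3 10:14:40 db01 sudo:    alice : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Mar  3 10:16:11 db01 su: pam_unix(su:session): session opened for user root by alice(uid=1001)
Mar  3 10:17:45 db01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/systemctl status postgresql
"""

# Each pattern names one kind of "become root" event and captures the requesting account.
PATTERNS = [
    ("su_auth_failure", re.compile(r"su: pam_unix\(su:auth\): authentication failure;.*\bruser=(?P<user>\S+).*\buser=root\b")),
    ("sudo_denied", re.compile(r"sudo:\s+(?P<user>\S+) : user NOT in sudoers ;.*USER=root")),
    ("sudo_to_root", re.compile(r"sudo:\s+(?P<user>\S+) : TTY=.*USER=root ; COMMAND=")),
    ("su_root_session", re.compile(r"su: pam_unix\(su:session\): session opened for user root by (?P<user>[^(\s]+)")),
]

HEADER = re.compile(r"(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) (?P<msg>.*)$")


def root_transitions(log_text, account=None):
    """Return (timestamp, host, account, event) for each attempt to become root.

    If account is given, only events requested by that account are returned.
    """
    events = []
    for line in log_text.splitlines():
        head = HEADER.match(line)
        if not head:
            continue  # not a syslog-style line
        for name, pattern in PATTERNS:
            m = pattern.search(head["msg"])
            if m and account in (None, m["user"]):
                events.append((head["ts"], head["host"], m["user"], name))
                break
    return events


if __name__ == "__main__":
    # Timeline for the suspected employee account only.
    for event in root_transitions(SAMPLE_LOG, account="alice"):
        print(event)
```

The ordinary SSH login by the same account produces no event here, which mirrors the point that records of authorized access alone do not show the escalation.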

Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
