ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 238 discussion

Actual exam question from CompTIA's PT0-002
Question #: 238
Topic #: 1
[All PT0-002 Questions]

A penetration tester was able to compromise a web server and move laterally into a Linux web server. The tester now wants to determine the identity of the last user who signed in to the web server. Which of the following log files will show this activity?

  • A. /var/log/messages
  • B. /var/log/last_user
  • C. /var/log/user_log
  • D. /var/log/lastlog
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Frog_Man at Feb. 22, 2023, 12:12 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
nickwen007
8 months ago
/var/log/lastlog is a file that contains information about the last time each user logged in to the system. It is usually used by the system administrator to track when and how users log in.
upvoted 3 times
...
cy_analyst
8 months ago
Selected Answer: D
The lastlog file contains information about the last login sessions of users on the system. It records the time and date of the last login, as well as the terminal or source IP address from which the user logged in. The lastlog file is usually only accessible to the root user, but a penetration tester who has gained root access to the system should be able to read it.
upvoted 3 times
...
[Removed]
8 months ago
D is correct The /var/log/lastlog file is a log file that stores information about the last user to sign in to the server. This file stores information such as the username, IP address, and timestamp of the last user to sign in to the server. It can be used by a penetration tester to determine the identity of the last user who signed in to the web server, which can be helpful in identifying the user who may have set up the backdoors and other malicious activities.
upvoted 2 times
...
[Removed]
8 months, 2 weeks ago
Answer the other new questions and share your idea
upvoted 1 times
...
[Removed]
8 months, 2 weeks ago
D is correct answer
upvoted 2 times
...
Frog_Man
8 months, 3 weeks ago
D is correct from web search.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago