ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 64 discussion

Actual exam question from CompTIA's CS0-003
Question #: 64
Topic #: 1
[All CS0-003 Questions]

A security analyst is trying to identify possible network addresses from different source networks belonging to the same company and region. Which of the following shell script functions could help achieve the goal?

  • A. function w() { a=$(ping -c 1 $1 | awk-F ”/” ’END{print $1}’) && echo “$1 | $a” }
  • B. function x() { b=traceroute -m 40 $1 | awk ’END{print $1}’) && echo “$1 | $b” }
  • C. function y() { dig $(dig -x $1 | grep PTR | tail -n 1 | awk -F ”.in-addr” ’{print $1}’).origin.asn.cymru.com TXT +short }
  • D. function z() { c=$(geoiplookup$1) && echo “$1 | $c” }
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by kmordalv at Sept. 8, 2023, 9:22 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kmordalv
Highly Voted 1 year, 8 months ago
Selected Answer: C
This function takes an IP address as an argument and performs two DNS lookups using the dig command. The first lookup uses the -x option to perform a reverse DNS lookup and get the hostname associated with the IP address. The second lookup uses the origin.asn.cymru.com domain to get the autonomous system number (ASN) and other information related to the IP address, such as the country code, registry, or allocation date. The function then prints the IP address and the ASN information, which can help identify any network addresses that belong to the same ASN or region
upvoted 13 times
[Removed]
1 year, 5 months ago
ChatGPT is wrong here again... Answer is D. Straight forward geo ip lookup. Question states same company and region, so Geo search is the most plausible.
upvoted 3 times
...
...
deeden
Highly Voted 1 year, 5 months ago
Selected Answer: C
has anyone tried this in live environment? from testing, it appears C is the best option here. try running this command in linux shell to compare result. output from options A and B does not make any sense. C. dig 8.8.8.8.origin.asn.cymru.com TXT +short D. geoiplookup 8.8.8.8
upvoted 7 times
...
yecaced
Most Recent 1 month, 2 weeks ago
Selected Answer: C
Correct Answer: C. function y() (ASN Lookup via dig) Why? The goal is to identify possible network addresses from different source networks belonging to the same company and region. ASN (Autonomous System Number) lookups help correlate IPs to the same organization or network. function y() uses dig to perform a reverse DNS lookup and query ASN records, which can group related IPs under the same network.
upvoted 1 times
...
Lilik
8 months, 2 weeks ago
C is correct. Dig is showing information from the DNS names.
upvoted 1 times
...
b0ad9e1
1 year, 4 months ago
Selected Answer: C
Key request is "different source networks belonging to the same company and region" geoiplookup will give you regions, but not confirm that different source networks belong to the same company. Using dig to will give you the ASNs of all the IPs so you will know who owns it as well as the regions.
upvoted 3 times
...
RobV
1 year, 4 months ago
Selected Answer: C
Option C is more likely to help identify network addresses from the same company and region. It uses the dig command to perform a reverse DNS lookup, extracts information about the origin ASN (Autonomous System Number), and can be useful for identifying networks. Option D uses geoiplookup and may not provide as detailed information about the network and its region.
upvoted 4 times
...
VVV4WIN
1 year, 5 months ago
Selected Answer: D
D all the way because region lookup is done with geoiplookup
upvoted 1 times
daddylonglegs
1 year, 3 months ago
Except the question isn't asking about region lookup. The question is saying that the analyst is looking for possible network addresses from different source networks.
upvoted 5 times
LoneStarChief
10 months ago
Then I guess you missed this part of the question: "same company and region." which makes it 'D' but that is just my 2cents.
upvoted 3 times
...
...
...
[Removed]
1 year, 5 months ago
Selected Answer: D
Answer is D. Straight forward geo ip lookup. Question states same company and region, so Geo search is the most plausible. c=$(geoiplookup $1)/ This is a command to look up the geo location of the IP address specified
upvoted 2 times
ocord14
1 year, 4 months ago
it does but how does this command ensures it belongs to the company? the dig command and PTR should give enough information about the company ownership of the IP address.
upvoted 5 times
...
...
Frog_Man
1 year, 7 months ago
D because the question is looking for region.
upvoted 1 times
daddylonglegs
1 year, 3 months ago
No the question is looking for network addresses, it only says that they are from the same country and region. Read the whole question
upvoted 2 times
...
...
[Removed]
1 year, 7 months ago
Selected Answer: C
THEY ARE TRYING TO TRICK YOU Be careful with the syntax; it looks like there might be a typo in the original function ("geoiplookup$1" should be "geoiplookup $1").
upvoted 2 times
[Removed]
1 year, 7 months ago
Sorry, I meant D. "To identify possible network addresses from different source networks belonging to the same company and region, you would likely benefit from geolocation information and perhaps some network routing information. Among the choices given, function z() using geoiplookup "
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago