Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam GSEC topic 1 question 20 discussion

Actual exam question from GIAC's GSEC
Question #: 20
Topic #: 1
[All GSEC Questions]

An employee is currently logged into the corporate web server, without permission. You log into the web server as 'admin" and look for the employee's username:
"dmaul" using the "who" command. This is what you get back:

  • A. The contents of the /var/log/messages file has been altered
  • B. The contents of the bash history file has been altered
  • C. The contents of the utmp file has been altered
  • D. The contents of the http logs have been altered
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
rincy
Highly Voted 3 years, 8 months ago
C is the correct answer, contents of utmp file is altered
upvoted 7 times
...
[Removed]
Most Recent 10 months ago
C, utmp file was altered
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...