CompTIA Exam SY0-601 Topic 2 Question 80 Discussion

Actual exam question for CompTIA's SY0-601 exam
Question #: 80
Topic #: 2

A security analyst is investigating a malware incident at a company. The malware is accessing a command-and-control website at www.comptia.com. All outbound internet traffic is logged to a syslog server and stored in /logfiles/messages. Which of the following commands would be best for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?


Contribute your Thoughts:

Johna
7 months ago
Also, D looks wrong. grep can't take a negative number like that. C is the best choice.
upvoted 0 times
Alpha
7 months ago
Makes sense. Options A and B seem off because they mix the commands incorrectly.
upvoted 0 times
Dustin
7 months ago
I agree, C makes sense. Logs are usually big, so tail -500 to get recent entries, then grep the URL.
upvoted 0 times
Fausto
7 months ago
I think the correct answer might be C. You need to use grep after tailing the log file.
upvoted 0 times
Alpha
7 months ago
Yeah, it's about finding the command to check the logs. What do you think?
upvoted 0 times
Johna
7 months ago
Did you see the question about the malware incident?
upvoted 0 times
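The search the commenters describe (tail the most recent entries, then grep for the C2 host), as an added example that is not part of the question or any commenter's post, run against a constructed syslog file; the log path, the squid-style sample lines and the function names are assumptions for this demo.

```shell
#!/bin/sh
# Added example: "tail the recent entries, then grep the host" on a
# constructed log. LOGFILE and every sample line below are made up.
LOGFILE="${LOGFILE:-${TMPDIR:-/tmp}/demo_messages.$$}"

# Constructed syslog-style outbound proxy records (not real traffic).
write_sample_log() {
    cat > "$LOGFILE" <<'EOF'
Jan 10 09:01:12 proxy1 squid[1032]: 10.0.5.21 TCP_MISS/200 GET http://www.example.org/index.html
Jan 10 09:01:40 proxy1 squid[1032]: 10.0.5.33 TCP_MISS/200 GET http://www.comptia.com/beacon?id=7
Jan 10 09:02:03 proxy1 squid[1032]: 10.0.5.21 TCP_MISS/200 GET http://cdn.example.net/lib.js
Jan 10 09:02:55 proxy1 squid[1032]: 10.0.5.33 TCP_MISS/200 POST http://www.comptia.com/upload
Jan 10 09:03:10 proxy1 squid[1032]: 10.0.5.40 TCP_MISS/200 GET http://WWW.COMPTIA.COM/beacon?id=9
EOF
}

# Search only the most recent N lines of the log for a host name.
# "tail -n N" is the POSIX spelling of the "tail -N" form in the comments.
# -F: treat the host as a literal string, so '.' is not a regex wildcard.
# -i: host names are case-insensitive, so match regardless of case.
recent_c2_hits() {
    host="$1"; n="${2:-500}"
    tail -n "$n" "$LOGFILE" | grep -F -i -- "$host"
}

# Number of matching lines (wc output trimmed to a bare number).
count_recent_c2_hits() {
    recent_c2_hits "$1" "$2" | wc -l | tr -d ' '
}

write_sample_log
recent_c2_hits www.comptia.com 500
echo "recent hits: $(count_recent_c2_hits www.comptia.com 500)"
rm -f "$LOGFILE"
```

Narrowing the tail window (the second argument) is what keeps the search to recent traffic; grep alone over the whole file would return every historical hit.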
