300-215 · Question #133
300-215 Question #133: Real Exam Question with Answer & Explanation
The correct answer is B: /etc/shadow. /etc/shadow stores per-account password metadata that is readable only by root, including the last password change date (and other aging fields like minimum/maximum days and expiration), which is exactly what’s needed to review account password-change timelines after suspected un
Question
The Linux system administrator of a company suspects that physical unauthorized access was granted to a local Linux terminal. The administrator wants to examine the suspected machine for potential unauthorized use and to get information about every account in this terminal, including when the password last changed. The administrator logs in as a root user. Which file should be examined to get the information?
Options
- A/etc/users
- B/etc/shadow
- C/etc/auth
- D/etc/passwd
Explanation
/etc/shadow stores per-account password metadata that is readable only by root, including the last password change date (and other aging fields like minimum/maximum days and expiration), which is exactly what’s needed to review account password-change timelines after suspected unauthorized access.
Topics
Community Discussion
No community discussion yet for this question.