nerdexam
ExamsGCIHQuestions#723
GIAC

GCIH · Question #723

GCIH Question #723: Real Exam Question with Answer & Explanation

The correct answer is D: 859 bytes. In Squid access logs, the bytes field represents the size of data transferred in bytes, making 859 bytes the correct interpretation of the value shown.

Reconnaissance, Scanning, and Enumeration

Question

What is the size of the data transferred in the following Squid access log?

Options

  • A1,460 bytes
  • B1,460 MB
  • C859 MB
  • D859 bytes

Explanation

In Squid access logs, the bytes field represents the size of data transferred in bytes, making 859 bytes the correct interpretation of the value shown.

Common mistakes.

  • A. 1,460 bytes does not correspond to the size field value shown in the log entry.
  • B. Squid does not express transfer sizes in megabytes in its access log format - the field is always bytes.
  • C. 859 MB would imply a massive transfer that would not match the numeric value as recorded in standard Squid log notation.

Concept tested. Interpreting Squid proxy access log byte fields

Reference. http://www.squid-cache.org/Doc/config/access_log/

Topics

#Squid proxy#access logs#log analysis#proxy traffic

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice