CompTIACompTIA
XK0-005 · Question #38
XK0-005 Question #38: Real Exam Question with Answer & Explanation
The correct answer is A: /var/log/audit/audit.log. https://access.redhat.com/documentation/en- us/red_hat_enterprise_linux/6/html/security_guide/sec-understanding_audit_log_files
Security
Question
A system administrator has set up third-party log aggregation agents across several cloud instances. The systems administrator wants to create a dashboard of failed SSH attempts and the usernames used. Which of the following files should be watched by the agents?
Options
- A/var/log/audit/audit.log
- B/var/log/kern.log
- C/var/log/monitor
- D/etc/rsyslog.conf
Explanation
https://access.redhat.com/documentation/en- us/red_hat_enterprise_linux/6/html/security_guide/sec-understanding_audit_log_files
Topics
#Linux logging#auditd#SSH security#log aggregation
Community Discussion
No community discussion yet for this question.