CompTIA CySA+CS0-002 – Question048

An organization recently discovered that spreadsheet files containing sensitive financial data were improperly stored on a web server. The management team wants to find out if any of these files were downloaded by public users accessing the server. The results should be written to a text file and should include the date, time, and IP address associated with any spreadsheet downloads. The web server's log file is named webserver.log, and the report file name should be accessreport.txt. Following is a sample of the web server's log file:

Which of the following commands should be run if an analyst only wants to include entries in which a spreadsheet was successfully downloaded?

A.
more webserver.log | grep *.xls > accessreport.txt
B. more webserver.log > grep "*xls" | egrep E `success' > accessreport.txt
C. more webserver.log | grep E "return=200 | xls" > accessreport.txt
D. more webserver.log | grep A *.xls < accessreport.txt

Correct Answer: B