CompTIA Security+ SY0-601 – Question 547

A security analyst is investigating a malware incident at a company. The malware is accessing a
command-and-control website at www.comptia.com. All outbound Internet traffic is logged to a syslog server and
stored in /logfiles/messages. Which of the following commands would be best for the analyst to use on the
syslog server to search for recent traffic to the command-and-control website?


A. head -500 www.comptia.com | grep /logfiles/messages
B. cat /logfiles/messages | tail -500 www.comptia.com
C. tail -500 /logfiles/messages | grep www.comptia.com
D. grep -500 /logfiles/messages | cat www.comptia.com

Correct Answer: C