CompTIA CySA+ (CS0-003) — Question 524

A security analyst is writing a shell script to identify IP addresses from the same country. Which of the following functions would help the analyst achieve the objective?

Answer options

• A. function w() { info=$(ping -c 1 $1 | awk -F “/” ‘END{print $1}’) && echo “$1 | $info” }
• B. function x() { info=$(geoiplookup $1) && echo “$1 | $info” }
• C. function y() { info=$(dig -x $1 | grep PTR | tail -n 1 ) && echo “$1 | $info” }
• D. function z() { info=$(traceroute -m 40 $1 | awk ‘END{print $1}’) && echo “$1 | $info” }

Correct answer: B

Explanation

The correct answer is B because the 'geoiplookup' command is specifically designed to map IP addresses to geographical locations, allowing the analyst to identify their country. The other options utilize commands like ping, dig, and traceroute, which do not provide geographical data but rather network-related information.