Certified SOC Analyst (CSA) — Question 80

Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the router logs of the company and wanted to check the logs that are generated by access control list numbered 210.
What filter should Peter add to the 'show logging' command to get the required output?

Answer options

• A. show logging | access 210
• B. show logging | forward 210
• C. show logging | include 210
• D. show logging | route 210

Correct answer: C

Explanation

The correct answer is C, as using 'include' allows Peter to filter the logs to only show entries that contain the specified access control list number 210. The other options do not utilize valid filtering commands for the 'show logging' output, thus they would not provide the desired results.