Computer Hacking Forensic Investigator (CHFI v10) — Question 575

Shane, a forensic specialist, is investigating an ongoing attack on a MySQL database server hosted on a Windows machine with SID `WIN-ABCDE12345F.`
Which of the following log file will help Shane in tracking all the client connections and activities performed on the database server?

Answer options

• A. WIN-ABCDE12345F.err
• B. WIN-ABCDE12345F-bin.n
• C. WIN-ABCDE12345F.pid
• D. WIN-ABCDE12345F.log

Correct answer: D

Explanation

The correct answer is D, as the WIN-ABCDE12345F.log file records all client connections and the activities conducted on the MySQL database server. The other options do not provide this level of detail: A is for error logs, B pertains to binary logs which are not focused on connections, and C is for process IDs.