GIAC Certified Incident Handler (GCIH) — Question 106
Which of the following files would grow to a large size as a result of a brute force attack?
Answer options
- A. btmp
- B. wtmp
- C. utmp
Correct answer: A
Explanation
The btmp file records failed login attempts, so during a brute force attack, where many incorrect passwords are tried, it will grow quickly. The wtmp file logs all logins and logouts, and the utmp file tracks current users, but they do not specifically log failed attempts, making them less likely to increase in size during such an attack.