GIAC Certified Incident Handler (GCIH) — Question 6
Which file contains information about failed login attempts on a Unix system?
Answer options
- A. ctmp
- B. wtmp
- C. btmp
- D. utmp
Correct answer: C
Explanation
The correct answer is C (btmp), as this file specifically logs failed login attempts. The other files serve different purposes: wtmp records successful logins, utmp contains information about currently logged-in users, and ctmp is not a standard file used in Unix systems.