By default, which directory does the audit_binfile plug-in write log files in, and what is the maximum size of each log file?
A. /var/adm/audit, 100 MB
B. /var/audit, 100 MB
C. /var/adm, no limit
D. /var/audit, no limit
E. /var/adm/audit, 16 EB
Correct Answer: D
Explanation/Reference:
Explanation:
* The following directives cause audit_binfile.so to be loaded, specify the directories for writing audit logs, and specify the percentage of required free space per directory.
auditconfig -setplugin audit_binfile active
"p_dir=/var/audit/jedgar/eggplant,/var/audit/jedgar.aux/eggplant, /var/audit/global/eggplant;p_minfree=20;p_fsize=4.5GB"
* The attributes specifying the configuration of audit_binfile plugin include:
p_dir
dir1[,dir2],.. [,dirn]
A list of directories, where the audit files will be created. Any valid writable directory can be specified.
p_fsize
The p_fsize attribute defines the maximum size that an audit file can become before it is automatically closed and a new audit file is opened. This is equivalent to an administrator issuing an audit -ncommand when the audit file size equals the value specified by the administrator. The default size is zero (0), which allows the file to grow without bound.
Download Printable PDF. VALID exam to help you PASS.
|
|
D
By default, the /var/audit file system holds audit files for the audit_binfile plugin.
The default class preselection creates files in /var/audit that grow by about 80 bytes for every recorded instance of an event in the lo class, such as a login, logout, or role assumption.
By default, an audit file can grow to the size of the pool. For manageability, limit the size of the audit files.