Week 6 - Virtualization, Logging

Question 1

What is virtualization?

Answer 1

Virtualization creates a computer environment that can run a complete OS as if it were running on your physical hardware

Question 2

What is a virtual machine?

Answer 2

The simulated computer environment

Question 3

Where are events logged by the operating system stored in Windows?

Answer 3

The Event Viewer

Question 4

Describe 3 of the types of event logs you’d see in the Windows Event Viewer?

S, S, AS

Answer 4

1. System logs
2. Security logs
3. Applications and Service logs

Question 5

Where are logs stored on Linux?

Answer 5

/var/log

Question 6

If you have an idea of where a problem might lie, it’s better to search for the more….? Linux

log

Answer 6

Better to search in the smaller, more specific file for the log of the suspected problem

Question 7

What does the /var/log/syslog file log on Linux? Why should this be your first stop?

Answer 7

The syslog file contains everything minus “off” events, and it should be the first stop because it’s the most detailed log file

Question 8

What does the /var/log/auth.log file log? Linux

police

Answer 8

Security related events

Question 9

What does the /var/log/kern.log file log? Linux

Answer 9

Kernel message logs

Question 10

What does the /var/log/dmesg file log? Linux

Answer 10

System start-up message logs

Question 11

What is log rotating? Linux

old/new

Answer 11

Log rotating deletes older logs and replaces them with newer ones

Question 12

What is centralized logging? Linux

one

Answer 12

Centralized logging allows a user to access logs from multiple systems in one centralized location

Question 13

What is Unix Epoch time?

then

Answer 13

It’s a timestamp meant to represent “then”, the seconds since January 1, 1970

It gives Unix based computers a sense of time