Adam works as a Professional Penetration Tester. A project has been assigned to him to test the
vulnerabilities of the CISCO Router of Umbrella Inc. Adam finds out that HTTP Configuration
Arbitrary Administrative Access Vulnerability exists in the router. By applying different password
cracking tools, Adam gains access to the router. He analyzes the router config file and notices the
following lines:
logging buffered errors
logging history critical
logging trap warnings
logging 10.0.1.103
By analyzing the above lines, Adam concludes that this router is logging at log level 4 to the syslog
server 10.0.1.103. He decides to change the log level from 4 to 0.
Which of the following is the most likely reason of changing the log level?
A.
Changing the log level from 4 to 0 will result in the logging of only emergencies. This way the
modification in the router is not sent to the syslog server.
B.
By changing the log level, Adam can easily perform a SQL injection attack.
C.
Changing the log level grants access to the router as an Administrator.
D.
Changing the log level from 4 to 0 will result in the termination of logging. This way the
modification in the router is not sent to the syslog server.
Explanation:
The Router Log Level directive is used by the sys log server to specify the level of severity of the
log. This directive is used to control the types of errors that are sent to the error log by constraining
the severity level. Eight different levels are present in the Log Level directive, which are shown
below in order of their descending significance:
Number Level Description
0emergEmergencies – system is unusable
1alertAction must be taken immediately
2critCritical Conditions
3errorError conditions
4warnWarning conditions
5notice Normal but significant condition
6infoInformational
7debug Debug-level messages
Note: When a certain level is specified, the messages from all other levels of higher significance
will also be reported. For example, when Log Level crit is specified, then messages with log levels
of alert and emerg will also be reported.