An employee is currently logged into the corporate web server, without permission. You log into the web server as 'admin" and look for the employee's username:
"dmaul" using the "who" command. This is what you get back:
An employee is currently logged into the corporate web server, without permission. You log into the web server as 'admin" and look for the employee's username:
"dmaul" using the "who" command. This is what you get back:
The 'who' command in UNIX-like operating systems reads from the 'utmp' file to display a list of users currently logged into the system. The command output does not show the username 'dmaul', which suggests that the 'utmp' file could have been altered to hide this user's login session. Therefore, the correct answer is that the contents of the 'utmp' file have been altered, as it directly affects what the 'who' command displays.
C is the correct answer, contents of utmp file is altered
C, utmp file was altered