Skip to Content

EC-Council CHFI 312-49: What does the command Last -F display?

Table of Contents

Question

In a Linux-based system, what does the command `Last -F` display?

A. Login and logout times and dates of the system
B. Last run processes
C. Last functions performed
D. Recently opened files

Answer

A. Login and logout times and dates of the system

Explanation

The correct answer is A.

The `last -F` command in Linux displays the login and logout times and dates of the system. The `-F` flag tells the `last` command to display the full login and logout times, including the year, month, day, hour, minute, and second.

For example, the following command will display the last 10 logins to the system:

last -F -n 10

The output of this command will look something like this:

root tty1 2023-05-26 17:21:11 still logged in
root tty1 2023-05-26 17:20:11 - 2023-05-26 17:21:01 (00:00)
jemmons pts/1 192.168.1.112 2023-05-26 17:10 still logged in
oracle pts/1 192.168.1.112 2023-05-26 11:54 - 2023-05-26 12:09 (00:14)
oracle pts/0 192.168.1.112 2023-05-26 11:40 still logged in

The `last` command can also be used to display information about specific users. For example, the following command will display the last 10 logins for the user `oracle`:

last -F -n 10 oracle

The output of this command will look something like this:

oracle pts/1 192.168.1.112 2023-05-26 11:54 - 2023-05-26 12:09 (00:14)
oracle pts/0 192.168.1.112 2023-05-26 11:40 still logged in

ECCouncil Computer Hacking Forensic Investigator (CHFI) 312-49 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ECCouncil CHFI 312-49 exam and earn ECCouncil CHFI 312-49 certification.