Which logs are most likely to reveal the IP address and MAC address of devices on the local network?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CCST Cybersecurity Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which logs are most likely to reveal the IP address and MAC address of devices on the local network?

Explanation:
DHCP server logs are the best source for linking a device’s MAC address to the IP address it has been assigned on the local network. When a device joins the network, it uses the DHCP process to obtain an IP, and the DHCP server records the binding between the device’s hardware address (MAC) and the assigned IP in its lease logs. This direct association makes DHCP logs the most reliable place to see both the IP and MAC for devices on that LAN. DNS logs track name-to-IP mappings and the queries that resolve them; they don’t reveal the device’s MAC address. Firewall logs show traffic patterns and may list IP addresses (and ports), but they don’t typically capture the hardware address of the client. Web server logs record the client’s IP (and sometimes other header-derived identifiers) but not the MAC. On a local network, MAC addresses exist only at layer 2, so DHCP is the mechanism designed to map them to the IPs assigned to devices, making its logs the most informative for this purpose.

DHCP server logs are the best source for linking a device’s MAC address to the IP address it has been assigned on the local network. When a device joins the network, it uses the DHCP process to obtain an IP, and the DHCP server records the binding between the device’s hardware address (MAC) and the assigned IP in its lease logs. This direct association makes DHCP logs the most reliable place to see both the IP and MAC for devices on that LAN.

DNS logs track name-to-IP mappings and the queries that resolve them; they don’t reveal the device’s MAC address. Firewall logs show traffic patterns and may list IP addresses (and ports), but they don’t typically capture the hardware address of the client. Web server logs record the client’s IP (and sometimes other header-derived identifiers) but not the MAC. On a local network, MAC addresses exist only at layer 2, so DHCP is the mechanism designed to map them to the IPs assigned to devices, making its logs the most informative for this purpose.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy