NCAE Mapping Hub
Overview Scoreboard Data Roles Exercised Checklists Lessons Skill Drills Practice Terminal Progress
performance medium Apply regex-alt 2 points

Question 22. CSCD240-E1-B

Print lines of fw.log matching DENY OR DROP (extended regex).

Work the drill

Answer on paper or in a terminal before revealing the ideal answer.

Ideal answer
grep -E 'DENY|DROP' fw.log
Acceptable alternatives: ["egrep 'DENY|DROP' fw.log", "grep -E '(DENY|DROP)' fw.log"]

Misconception bank

Each row below is a plausible wrong answer, the thinking that produces it, and the remedy that corrects the misconception. These are the foundation of the multiple-choice framing and the targeted feedback a student receives after answering.

grep 'DENY|DROP' fw.log
Misconception. Basic regex treats | as literal; needs -E or escape.
Remedy. Introduce -E (extended) vs basic regex.
grep DENY fw.log; grep DROP fw.log
Misconception. Two commands; loses ordering.
Remedy. Alternation with | is the idiom.

Authority mappings

Hover any chip for the mapping justification; click to open the authority record.

DCWF roles: CS-511 Cyber Defense Analyst
DCWF tasks: T0447
KU outcomes: CD-BSP-O6CO-M9-O1
KU topics: CD-BSP-T3

Course-artifact links

Lectures

  • CSCD240-S26-L08. Pipes, filters, grep, sort, uniq, wc, tar

Lab questions

  • CSCD240-S26-LAB5: Use grep with ^, $, [0-9], \. anchors.