0
0
Jenkinsdevops~20 mins

Security audit logging in Jenkins - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Security Audit Logging Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate
2:00remaining
Jenkins audit log plugin output
You enabled the Jenkins Audit Trail plugin and configured it to log all user actions. What will be the output in the audit log file when a user named 'alice' triggers a build for job 'MyApp'?
ADEBUG: Job MyApp started by user alice
BERROR: Build failed for job MyApp by alice
CINFO: User alice triggered build for job MyApp
DWARN: Unauthorized access attempt by alice on job MyApp
Attempts:
2 left
💡 Hint
Audit logs record user actions like triggering builds, not errors or warnings unless configured.
Configuration
intermediate
2:00remaining
Configuring Jenkins audit logging to file
Which configuration snippet correctly enables audit logging to a file named 'audit.log' in Jenkins?
AauditTrail { enabled yes; logFile 'audit.log' }
BauditTrail { enabled true; logFile 'audit.log' }
CauditTrail { enable true; file 'audit.log' }
DauditTrail { enabled true; logFile '/var/log/jenkins/audit.log' }
Attempts:
2 left
💡 Hint
The correct syntax uses 'enabled true' and an absolute path for logFile.
Troubleshoot
advanced
2:00remaining
Audit logs missing user info
After enabling audit logging, you notice the logs do not show which user performed actions. What is the most likely cause?
AAudit Trail plugin is disabled
BAudit Trail plugin is enabled but Jenkins security realm is set to 'None'
CJenkins master node is offline
DAudit logs are rotated too frequently
Attempts:
2 left
💡 Hint
User info depends on Jenkins authentication being active.
Best Practice
advanced
2:00remaining
Best practice for securing Jenkins audit logs
Which practice best secures Jenkins audit logs against unauthorized access?
AStore audit logs on a separate secured server with restricted access
BKeep audit logs on the Jenkins master with default permissions
CAllow all Jenkins users to read audit logs for transparency
DDisable audit logging to avoid sensitive data exposure
Attempts:
2 left
💡 Hint
Audit logs contain sensitive info and should be protected carefully.
🔀 Workflow
expert
3:00remaining
Implementing centralized audit logging for Jenkins
You want to send Jenkins audit logs to a centralized syslog server for compliance. Which sequence of steps is correct?
A1,2,4,3
B2,1,3,4
C1,4,2,3
D4,1,2,3
Attempts:
2 left
💡 Hint
Start with local logging, then forwarding, secure the channel, then verify.