A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Periodically reviewing log files is the most effective method in detecting unsuccessful intrusion attempts from outside the organization. Log files can provide detailed records of access attempts, which can be analyzed to identify patterns of suspicious activity and unsuccessful intrusion attempts. Configuring the router as a firewall primarily serves to block unauthorized access but does not provide the same level of detail in monitoring intrusion attempts. Biometrics-based authentication and smart cards with one-time passwords are more relevant to authenticating users rather than detecting intrusion attempts.
C. Installing biometrics-based authentication. They are talking about physical intrusion and not network intrusion.
Configuring your router as a firewall (option B) is a basic security measure to prevent unauthorized access to your network from outside, but it does nothing to detect intrusion attempts. Firewalls typically provide protection by blocking unauthorized traffic, but they do not generate detailed logs of attempts. Therefore, for the specific purpose of detecting intrusion attempts, the most effective method is to regularly review log files.