Can Socket Inc. find out that no persistent backdoor was placed and that the attack was initiated from an employee inside the company by reviewing event logs that record user faults and exceptions? Refer to scenario 3.
Can Socket Inc. find out that no persistent backdoor was placed and that the attack was initiated from an employee inside the company by reviewing event logs that record user faults and exceptions? Refer to scenario 3.
The answer here is C 8.15 Logging A detective control To record events, generate evidence, ensure the integrity of log information, prevent against unauthorized access, identify information security events that can lad to an information security incident and to support investigation Logs support investigations Socket examined only two logs when it should examine all. So what people are doing, login and out etc