Which of the following can Peter, a security administrator, implement on his network to capture attack details that are occurring while also protecting his production network?
A. Security logs
B. Protocol analyzer
C. Audit logs
D. Honeypot
CompTIA exam questions
A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario?
A. Content filtering
B. IDS
C. Audit logs
D. DLP
A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational systems which hold details of the security breach. Prior to this incident, a security consultant informed the company that they needed to implement an NTP server on the network. Which of the following is a problem that the incident response team will likely encounter during their assessment?
A. Chain of custody
B. Tracking man hours
C. Record time offset
D. Capture video traffic