CompTIA Security+ Question F-30

Ann, the security administrator, received a report from the security technician, that an unauthorized new user account was added to the server over two weeks ago. Which of the following could have mitigated this event?

A. Routine log audits
B. Job rotation
C. Risk likelihood assessment
D. Separation of duties

Answer: A

Explanation:
When a new user account is created, an entry is added to the Event Logs. By routinely auditing the event logs, you would know that an account has been created.

CompTIA Security+ Question C-89

The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the following security techniques is MOST appropriate to do this?

A. Log audits
B. System hardening
C. Use IPS/IDS
D. Continuous security monitoring

Answer: D

Explanation:
A security baseline is the security setting of a system that is known to be secure. This is the initial security setting of a system. Once the baseline has been applied, it must be maintained or improved. Maintaining the security baseline requires continuous monitoring.