A network administrator is unable to identify the root cause of a network incident because insufficient evidence about the threat actor's actions was logged. The administrator notes that the server receiving and storing the events was not compromised by any attack and is properly communicating with all network devices. Which of the following can the administrator employ to improve network access accountability?
A) Activate the audit logs on the network server and resources.
B) Configure SNMP on the network server.
C) Deploy a central SIEM server into the network.
D) Collect traffic statistics from the servers using NetFlow data.
Correct Answer:
Verified
Q501: A help desk technician is assisting a
Q502: A network technician is configuring a new
Q503: A store owner would like to have
Q504: A company recently upgraded a legacy firewall
Q505: A network administrator has discovered a low-end
Q507: A network field technician is installing and
Q508: A website administrator is concerned the company's
Q509: Which of the following is the MOST
Q510: A company is implementing a new firewall.
Q511: A Chief Information Officer (CIO) wants to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents