An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team, the administrator suspects that the attacker may be altering the log files and removing evidence of intrusion activity. Which of the following actions will help detect attacker attempts to further alter log files?
A) Enable verbose system logging
B) Change the permissions on the user's home directory
C) Implement remote syslog
D) Set the bash_history log file to "read only"
Correct Answer:
Verified
Q196: Which of the following is commonly used
Q197: A malicious attacker has intercepted HTTP traffic
Q198: An organization wants to conduct secure transactions
Q199: Two users need to securely share encrypted
Q200: While reviewing the security controls in place
Q202: Which of the following would enhance the
Q203: During a third-party audit, it is determined
Q204: An audit has revealed that database administrators
Q205: When generating a request for a new
Q206: A global gaming console manufacturer is launching
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents