PrepAway - Latest Free Exam Questions & Answers

Which of the following log types would the administrator check?

A security administrator needs to determine which system a particular user is trying to log in to at various
times of the day. Which of the following log types would the administrator check?

A. Firewall

B. Application

C. IDS

D. Security

Explanation:
The security log records events such as valid and invalid logon attempts, as well as events related to
resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is
enabled, an event is recorded in the security log each time a user attempts to log on to the computer.
You must be logged on as Administrator or as a member of the Administrators group in order to turn on,
use, and specify which events are recorded in the security log.
Incorrect Answers:
A: A firewall is a hardware device or a software application designed to restrict what data traffic can enter
or leave the network. A firewall log logs which traffic has been allowed through the firewall and which
traffic it has blocked. It does not record attempted logon events.
B: The Application log contains events logged by applications or programs. For example, a database
program might record a file error in the application log. Program developers decide which events to log. It
does not record attempted logon events.
C: An IDS (Intrusion Detection System) is used to detect attempts to access computer systems on a
network. The IDS log will log intrusion attempts to access the systems. It does not record attempted logon
events specifically as a security event log does.

https://technet.microsoft.com/en-us/library/cc722404.aspx?f=255&MSPPError=-2147217396

