A network administrator opens up the RDP port to access network resources from home. Several
months later, the administrator’s account is getting locked out constantly. After closing the port,
which of the following should be used to identify the source of the attack?

A.
Network maps

B.
Change management

C.
Log analysis

D.
Protocol analyzer