Which choice below is NOT a security goal of an audit mechanism?

A.
Review employee production output records

B.
Deter perpetrators attempts to bypass the system protection mechanisms

C.
Review patterns of access to individual objects

D.
Discover when a user assumes a functionality with privileges greater than his own

Explanation:
The audit mechanism of a computer system has five important security goals: 1. The audit
mechanism must allow the review of patterns of access to individual objects, access histories of
specific processes and individuals, and the use of the various protection mechanisms supported by
the system and their effectiveness.2 2. Allow discovery of both users and outsiders repeated
attempts to bypass the protection mechanisms. 3. Allow discovery of any use of privileges that may
occur when a user assumes a functionality with privileges greater than his or her own, i.e.,
programmer to administrator. In this case, there may be no bypass of security controls, but
nevertheless, a violation is made possible. 4. Act as a deterrent against perpetrators habitual
attempts to bypass the system protection mechanisms. However, to act as a deterrent, the
perpetrator must be aware of the audit mechanisms existence and its active use to detect any
attempts to bypass system protection mechanisms. 5. Supply an additional form of user assurance
that attempts to bypass the protection mechanisms that are recorded and discovered.3 Even if the
attempt to bypass the protection mechanism is successful, the audit trail will still provide assurance
by its ability to aid in assessing the damage done by the violation, thus improving the systems ability
to control the damage. Source: NCSC-TG-001 AGuide to Understanding Audit in Trusted Systems
[Tan Book], and Gligor, Virgil D., Guidelines for Trusted Facility Management and Audit, University of
Maryland, 1985.