Which of the following is NOT a use of an audit trail?
A.
Collects information such as passwords or infrastructure configurations
B.
Enables the security practitioner to trace a transaction’s history
C.
Provides information about additions, deletions, or modifications to
the data
D.
Assists the monitoring function by helping to recognize patterns of
abnormal user behavior
Explanation:
The correct answer is “Collects information such as passwords or infrastructure configurations”.
Auditing should not be used to collect user’s passwords. It is used for the other three examples,
however.