ISC Exam Questions

Which choice below is an accurate statement about the difference between monitoring and auditing?

A. A system audit is an ongoing real-time activity that examines a system.

B. A system audit cannot be automated.

C. Monitoring is an ongoing activity that examines either the system or the users.

D. Monitoring is a one-time event to evaluate security.

Explanation:
System audits and monitoring are the two methods organizations use to maintain operational
assurance. Although the terms are used loosely within the computer security community, a system
audit is a one-time or periodic event to evaluate security, whereas monitoring refers to an ongoing
activity that examines either the system or the users. In general, the more real-time an activity is,
the more it falls into the category of monitoring. Source: NIST Special Publication 800-14, Generally
Accepted Principles and Practices for Securing Information Technology Systems.