Which choice below is an accurate statement about the difference
between monitoring and auditing?
A.
A system audit is an ongoing real-time activity that examines a
system.
B.
A system audit cannot be automated.
C.
Monitoring is an ongoing activity that examines either the system or
the users.
D.
Monitoring is a one-time event to evaluate security.
Explanation:
System audits and monitoring are the two methods organizations
use to maintain operational assurance. Although the terms are used
loosely within the computer security community, a system audit is a
one-time or periodic event to evaluate security, whereas monitoring
refers to an ongoing activity that examines either the system or the
users. In general, the more real-time an activity is, the more it falls
into the category of monitoring. Source: NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information
Technology Systems.