After an intrusion has been contained and the compromised systems having been reinstalled, which
of the following need not be reviewed before bringing the systems back to service?
A.
Access control lists
B.
System services and their configuration
C.
Audit trails
D.
User accounts