Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

You have reason to believe someone with a domain user account has been accessing and...

GIAC GSEC Full Course Access
GIAC GSEC View All Questions

You have reason to believe someone with a domain user account has been accessing and modifying sensitive spreadsheets on one of your application servers. You decide to enable auditing for the files to see who is accessing and changing them. You enable the Audit Object Access policy on the files via Group Policy. Two weeks later, when you check on the audit logs, you see they are empty. What is the most likely reason this has happened?

A.

You cannot enable auditing on files, just folders

B.

You did not enable auditing on the files

C.

The person modifying the files turned off auditing

D.

You did not save the change to the policy

GSEC PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now GSEC pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
At what point in the Incident Handling process should an organization determine its approach to...
Use nmap to discover a host on the 10.
Previous