Which of the following did the administrator MOST likely configure that will assist the investigators?

– by 0

A privileged user at a company stole several proprietary documents from a server. The user also went into the log files and deleted all records of the incident. The systems administrator has just informed investigators that other log files are available for review. Which of the following did the administrator MOST likely configure that will assist the investigators?
A. Memory dumps
B. The syslog server
C. The application log
D. The log retention policy

How To Pass SY0-601 Exam?

CompTIA SY0-601 PDF dumps.

High quality SY0-601 pdf and software. VALID exam to help you pass.
comptia-exams

0 thoughts on “Which of the following did the administrator MOST likely configure that will assist the investigators?

  1. An audit log retention policy lets you specify how long to retain audit logs in your organization. You can retain audit logs for up to 10 years. You can create policies based on the following criteria: All activities in one or more Microsoft 365 services

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.