Multiple Choice
A network administrator is unable to identify the root cause of a network incident because insufficient evidence about the threat actor's actions was logged. The administrator notes that the server receiving and storing the events was not compromised by any attack and is properly communicating with all network devices. Which of the following can the administrator employ to improve network access accountability?
A) Activate the audit logs on the network server and resources.
B) Configure SNMP on the network server.
C) Deploy a central SIEM server into the network.
D) Collect traffic statistics from the servers using NetFlow data.
Correct Answer:
Verified
Correct Answer:
Verified
Q249: A network technician is troubleshooting an issue
Q250: Which of the following DNS record types
Q251: A network administrator frequently needs to assist
Q252: A company has two geographically separate locations
Q253: A technician notices clients are receiving a
Q255: Which of the following VPN protocols establishes
Q256: A technician is replacing a switch at
Q257: Which of the following steps is a
Q258: A network technician is assisting the security
Q259: Users report that the network is slow.