A new security policy adopted by your organization states that you must monitor for attacks that compromise user accounts. Which of the following activities should you monitor?
A. sensitive file access in a 12-hour period
B. average throughput of the network perimeter
C. failed logins in a 24-hour period
D. port scans in a 24-hour period
C
Explanation: You should monitor failed logins in a 24-hour period. Brute force attacks will attempt to access the same user account using different passwords, resulting in repeated failed logins.
None of the other activities will help you to monitor for attacks that compromise user accounts.
You might also like to view...
Which of the following can be implemented on a WAP to ensure that only certain client machines can access it?
A. Wire encryption B. Disabling SSID C. MAC filtering D. Port forwarding
Many companies have invested in laying fiber-optic cables across the ocean, resulting in a truly global Internet.
Answer the following statement true (T) or false (F)