Which component of a secure operating system architecture logs every successful and failed user authentication attempt to provide an audit trail for forensic review? MCQ with Answer and Explanation
Which component of a secure operating system architecture logs every successful and failed user authentication attempt to provide an audit trail for forensic review?
A. Heuristic Monitor
B. Security Event Log / Audit Log
C. Firewall Filter Sheet
D. Quarantine Vault
Answer: Option B
Solution (By JKExamLibrary)
Security event logs provide an immutable chronological record of access histories, system errors, and authentication attempts to assist forensic investigations.
What form of malicious code embeds itself in the deep administrative or kernel layer of an operating system to hide active system tracking files from malware sweeps?
Explanation:
Rootkits modify system kernel code to hide processes, files, and network links, rendering themselves invisible to standard antivirus utilities.
A decoy server environment containing realistic fake database logs deployed alongside real company servers to trick hackers and track their attack techniques is a/an:
Explanation:
Honeypots are decoy nodes configured to attract, log, and study security attackers while isolating them from the rest of the enterprise network.
Which software asset isolates confirmed or highly suspected malware components in a protected, non-executable directory to protect host application security?
Explanation:
Antivirus quarantine utilities isolate suspected malware files in a secure directory structure, keeping them from interacting with the main OS.