A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review.
Enabling auditing on a system that handles sensitive information can introduce performance, storage, and operational implications. It's essential for the bank to understand how enabling the audit feature will affect the system's overall functionality and whether there are any potential risks or drawbacks to its operations. Once this assessment is complete, the bank can proceed with other steps, such as allocating resources or conducting vulnerability scans, to ensure smooth implementation.
Answer: B - determine impact
In the CEH curriculum, EC-Council emphasizes that before enabling system auditing, organizations should:
• Understand the technical and performance impact
• Consider how enabling auditing affects system performance, storage, and logging capacity
• Analyze which events to audit to avoid excessive or irrelevant log collection
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mulekule
2 weeks, 6 days agoNikoTomas
1 month, 1 week ago