113k views
2 votes
A systems administrator notices that several user accounts are frequently getting locked out. Simultaneously, during these lockout instances, the system did not record any logs. Which of the following is the MOST likely explanation for the lack of logs during these events?

A.Unsecure network connection
B.Malware attack
C.Log tampering or deletion
D.Account lockout

1 Answer

7 votes

Final answer:

The lack of logs during the lockout instances is most likely explained by log tampering or deletion. This indicates a possible security breach or unauthorized access and should be investigated and addressed immediately. The correct answer is option C.Log tampering or deletion

Step-by-step explanation:

The MOST likely explanation for the lack of logs during the lockout instances is C. Log tampering or deletion. When user accounts are frequently getting locked out and there are no logs recorded, it suggests that someone might be intentionally tampering with or deleting the logs to cover their tracks.

This could be an indicator of a security breach or unauthorized access to the system. The purpose of tampering with or deleting logs is to hide the activities of the attacker and make it difficult for the system administrator to trace and investigate the cause of the lockouts.

To address this issue, the systems administrator should investigate and strengthen the security measures of the system. This may involve implementing access control policies, monitoring logging activities, and using intrusion detection systems to identify and prevent such tampering attempts.

User DaveD
by
8.4k points