CertNexus Certified Cyber Secure Coder (CSC) — Question 66

According to company policy, all accounts with administrator privileges should have suffix _ja. While reviewing Windows workstation configurations, a security administrator discovers an account without the suffix in the administrator’s group. Which of the following actions should the security administrator take?

Answer options

• A. Review the system log on the affected workstation.
• B. Review the security log on a domain controller.
• C. Review the system log on a domain controller.
• D. Review the security log on the affected workstation.

Correct answer: B

Explanation

The correct action is to review the security log on a domain controller because it will provide insights into account activities and potential security breaches. The other options focus on logs that do not provide comprehensive data on user privileges across the domain, particularly for unauthorized account usage.