CompTIA Security+ (SY0-701) — Question 351

A university employee logged on to the academic server and attempted to guess the system administrators’ log-in credentials. Which of the following security measures should the university have implemented to detect the employee’s attempts to gain access to the administrators’ accounts?

Answer options

• A. Two-factor authentication
• B. Firewall
• C. Intrusion prevention system
• D. User activity logs

Correct answer: D

Explanation

User activity logs are essential for tracking login attempts and can reveal unauthorized access attempts, making them the best measure for this scenario. While two-factor authentication adds an extra layer of security and firewalls and intrusion prevention systems are important for network security, they do not specifically monitor user behavior or login attempts like user activity logs do.