Certified Incident Handler (ECIH) — Question 34
Tenda, a network specialist at an organization, was examining logged data using Windows Event Viewer to identify attempted or successful unauthorized activities. The logs analyzed by Tenda include events related to Windows security, specifically log-on/log-off activities, resource access, and information based on the Windows system's audit policies.
Identify the type of event logs analyzed by Tenda in the above scenario.
Answer options
- A. Application event log
- B. Setup event log
- C. Security event log
- D. System event log
Correct answer: C
Explanation
The correct answer is C, the Security event log, as it specifically records security-related events such as log-on/log-off activities and resource access attempts. The other options, such as the Application event log and the System event log, track different types of information that are not focused on security events.