Certified Ethical Hacker (CEH v12) — Question 250

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

Answer options

• A. Perform a vulnerability scan of the system.
• B. Determine the impact of enabling the audit feature.
• C. Perform a cost/benefit analysis of the audit feature.
• D. Allocate funds for staffing of audit log review.

Correct answer: B

Explanation

The correct answer is B because understanding the impact of enabling auditing is crucial to ensure that the system can handle the additional load and that it complies with regulatory requirements. Options A, C, and D, while important, are not the first priorities; knowing the impact is essential before proceeding with any further actions.