Which of the following are commonly used criteria to determine when log files should be overwritten? (Choose all that apply.)
a. Chronological time
b. Occurrence of a critical event
c. Size of log file
d. Availability of backup media

Which of the following Event Viewer log files are found on all systems running the Windows operating system? (Choose all that apply.)
a. Directory service log
b. System log
c. Security log
d. Application log
e. File replication service log
f. DNS server log

Which one of the following events may be triggered by an unsuccessful Windows logon attempt?
a. Information event
b. Auditing event
c. Error event
d. Warning event

Which of the following would be used to log the successful starting of a Windows service in Event Viewer?
a. Information event
b. Auditing event
c. Error event
d. Warning event

Which of the following are critical questions that must be addressed when developing a log analysis policy? (Choose all that apply.)
a. What anomalies should trigger immediate alerts?
b. How long must the deviation occur before registering an anomaly?
c. How