nerdexam
Mile2_Security

ML0-320 · Question #173

ML0-320 Question #173: Real Exam Question with Answer & Explanation

Sign in or unlock ML0-320 to reveal the answer and full explanation for question #173. The question stem and answer options stay visible for context.

Question

If an attacker gets Adminsitrative-level access, why cant the entries in the Event log be trusted with certainty? Choose two.

Options

  • AEntries in the event log are not digitally signed
  • BThe attacker may have been able to simply clear the event log, thus erasing evidence of the
  • CTools like Winzapper allow the attacker to selectively delete log entries associated with the initial
  • DEvent logs have NTFS permissions of Everyone Full Control and thus can be easily edited.

Unlock ML0-320 to see the answer

You've previewed enough free ML0-320 questions. Unlock ML0-320 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock ML0-320 - $49.99 / 30 daysSign in
Full ML0-320 Practice
If an attacker gets Adminsitrative-level access, why cant the... | ML0-320 Q#173 Answer | NerdExam