When evaluating the recent implementation of an intrusion detection system (IDS), an IS auditor should be MOST concerned with inappropriate:

A. encryption.
B. training.
C. tuning.
D. patching.