A security engineer is trying to determine whether an internal server was accessed by hosts on the internet.
The internal server was shut down during the investigation. Which of the following will the engineer review to
determine whether the internal server had an unauthorized access attempt?
A. The ARP table
B. The NetFlow statistics
C. The firewall logs
D. The audit logs on the core switch
The internal server was shut down during the investigation. Which of the following will the engineer review to
determine whether the internal server had an unauthorized access attempt?
A. The ARP table
B. The NetFlow statistics
C. The firewall logs
D. The audit logs on the core switch