An organization's security team detects multiple unauthorized changes in the configuration files of a crucial server. Which of the following tools would BEST help identify who made the changes and when?
Packet capture tools
Endpoint Detection and Response (EDR)
Security Information and Event Management (SIEM)
Domain Name Service (DNS) and Internet Protocol (IP) reputation tools