CompTIA ITF+ FC0-U61 Practice Question
As an IT administrator, you notice that unauthorized changes have been made to several important company files. To identify the party responsible for these changes, which practice would be the most effective?
Restoring the files from the most recent backup
Maintaining and reviewing logs
Implementing stricter firewall rules
Performing regular system audits
Enforcing frequent password changes for all user accounts