CompTIA Tech+ FC0-U71 Practice Question
As an IT administrator, you notice that unauthorized changes have been made to several important company files. To identify the party responsible for these changes, which practice would be the most effective?
Implementing stricter firewall rules
Maintaining and reviewing logs
Performing regular system audits
Restoring the files from the most recent backup
Enforcing frequent password changes for all user accounts