Why should user IDs be included in data captured by auditing procedures?
A.
Shows what files were attacked
B.
Establishes individual accountability
C.
Needed to detect a denial-of-service attack
D.
Activates corrective measures
Explanation:
For auditing purposes the procedure should capture user ID, time of
event, type of event, and source workstation. User ID makes individuals accountable
for their actions.