The server log shows 25 SSH login sessions per hour. However, it is a large company and the
administrator does not know if this is normal behavior or if the network is under attack. Where
should the administrator look to determine if this is normal behavior?
A.
Change management
B.
Code review
C.
Baseline reporting
D.
Security policy
Explanation: