Joe, a security administrator, believes that a network breach has occurred in the datacenter as a
result of a misconfigured router access list, allowing outside access to an SSH server. Which of
the following should Joe search for in the log files?
A.
Failed authentication attempts
B.
Network ping sweeps
C.
Host port scans
D.
Connections to port 22