An information security manager has implemented procedures for monitoring specific activities on the network. The system administrator has been trained to analyze the network events, take appropriate action and provide reports to the information security manager. What additional monitoring should be implemented to give a more accurate, risk-based view of network activity?
Select one of the following: