A security administrator has been conducting an account permissions review that has identified several users who belong to functional groups and groups responsible for auditing the functional groups’ actions. Several recent outages have not been able to be traced to any user.
Which of the following should the security administrator recommend to preserve future audit log integrity?
A . Enforcing stricter onboarding workflow policies
B . Applying least privilege to user group membership
C . Following standard naming conventions for audit group users
D . Restricting audit group membership to service accounts
Answer: C