a. Why are integrated log files good? b. Why are they difficult to create? c. Explain the time synchronization issue for integrated log files. d. How do companies achieve time synchronization? e. What...

a. Why are integrated log files good? b. Why are they difficult to create? c. Explain the time synchronization issue for integrated log files. d. How do companies achieve time synchronization? e. What is event correlation? f. Distinguish between aggregation and event correlation. g. Why is analyzing log file data difficult? h. In Figure 10-19, how long is the delay between the first attempted login and the second? i. Does this indicate that the attack is a human attack or an automated attack?