1
System Security
medium
A company runs a critical database server on a Linux system. The server is subject to a strict compliance policy that requires all commands executed by the database administrator (user 'dbadmin') to be logged. Additionally, any attempt to change the system time must be logged regardless of the user. The administrator has configured auditd and added the following rules: -w /usr/bin -p x -k binary_exec, -a always,exit -F arch=b64 -S adjtimex -F key=time_change. However, during a compliance audit, it is discovered that not all commands executed by dbadmin are being logged. Which of the following is the most likely cause?