High resource utilization during attacks may indicate which of the following?

Prepare for the EC-Council Certified Incident Handler Test with an interactive quiz. Study with flashcards, MCQs, hints, and explanations. Ace your test!

High resource utilization during attacks is often associated with a sudden increase in log messages from the operating system and applications. This spike in log messages can occur as a result of various malicious activities, such as automated scripts, brute force attacks, or other types of attacks that generate significant amounts of logging data.

When an attacker tries to exploit a system, the actions taken can lead to extensive logging due to the numerous failed attempts, system responses, or other activities that are recorded. This increase in log messages consumes system resources, such as CPU and memory, which can manifest as high resource utilization. Monitoring system logs during such events is crucial for incident handlers to identify and understand the attack vector being used against the system.

In contrast, database logs showing attempts to access sensitive data and unauthorized access attempts to important files may indicate suspicious activity, but they do not inherently result in high resource usage. Similarly, the creation of new files or directories can indicate malicious behavior, but it is not directly correlated with a sudden resource spike in the way a surge of log messages is. Thus, the correlation between elevated resource usage and increased log messages during an attack makes this choice the most accurate in the context of identifying potential malicious activities.
