
Question

47) An SOC shift supervisor is looking through the admin access logs for the core Layer 3 switches and border gateway firewalls. The supervisor notices there were no administrative access entries for the previous day, but knows IOS upgrades were scheduled on the switches and firewalls according to the change control board notifications from the last shift logs. A quick review of the syslog server shows all the files from the previous two hours have the same timestamp, the same for the two-hour period before that, and so on. Which of the following is the MOST likely cause?

A) A hacker has compromised the network and is in the process of systematically erasing evidence.

B) The two-hour timestamp consistency is the result of a script running every two hours, compressing and archiving log files before aggregating them to the admin access logs.

C) The upgrades and updates were pushed to a future date. The two-hour timestamp consistency is the result of a script running every two hours that makes all log files read-only.

D) The two-hour timestamp consistency is the result of an APT that regularly rewrites the log files of all activity by running an "admin scrape" script every two hours to disguise its presence.
