You are an engineer on the IT Security Operations team and are contacted by a server administrator. While troubleshooting performance problems on an Internet$-$accessible web server, she discovered a process that she didn$$t recognize, that seemed to be taking up a lot of CPU time. You do some quick internet searches for the process name, but cannot find any results.

The server administrator tells you that the web server hosts the public website for your organization; it provides public information about the organization, including contact information, public meeting agendas and minutes, program missions and achievements, and services available. The server is running a web service and application middleware; most of the web site content is stored on a separate database server.

In which of the following locations would you LEAST expect to find information about how the server was compromised?

System event logs $($e$.$g$.$ syslog on a Unix server, or Windows event logs on a Windows server$)$

Database transaction logs

Filesystem metadata

Web server logs