In addition to the above-mentioned controls, sites should turn on System Accounting to track every command executed by logged-in users (if any). While this feature will not prevent someone from compromising the system, it will provide forensic data on how the system was compromised and through which account. Third-party controls may also be used by sites to track such activity.