What should be monitored closely with respect to elevation of policy?

Monitoring the interaction of applications is crucial when it comes to policy elevation because this aspect directly affects the security and integrity of the system. When applications interact, especially with elevated privileges, there is a potential risk for malicious activity. Malicious actions can arise when one application, having gained elevated privileges, interacts with another application in ways that could compromise security policies or system integrity.

Close monitoring of application interactions can help identify potential vulnerabilities, such as privilege escalation attacks, which exploit flaws in software to gain unauthorized access or control over system resources. By overseeing how these applications communicate and share data, organizations can ensure that no malicious processes are introduced and that security policies are adhered to.

In contrast, while change of system files, incoming network traffic, and performance of the operating system are important for overall system health and security, they do not specifically address the risks associated with policy elevation in the way that monitoring application interactions does. Only by paying close attention to how applications interact can one fully understand the implications of elevated privileges on security policy compliance.