Discover the most critical factor affecting application log integrity among SIEM absence, data classification policies, hashing algorithms, and privileged access management controls.
Table of Contents
Question
Which of the following situations would cause the GREATEST concern around the integrity of application logs?
A. Lack of a security information and event management (SIEM) system
B. Lack of data classification policies
C. Use of hashing algorithms
D. Weak privileged access management controls
Answer
D. Weak privileged access management controls
Explanation
Explanation: Weak privileged access management controls pose the greatest risk to the integrity of application logs. Privileged access, such as administrator or root access, grants users extensive permissions to modify system configurations, access sensitive data, and alter log files. Without proper controls, malicious insiders or compromised privileged accounts can tamper with logs to cover their tracks or mislead investigations.
While the other options have implications for log management and security, they do not directly impact log integrity to the same extent:
A. The absence of a SIEM system hinders log aggregation, correlation, and real-time monitoring but does not inherently compromise log integrity.
B. Lack of data classification policies may lead to improper handling of sensitive information but does not directly affect the integrity of logged events.
C. Hashing algorithms, when properly implemented, enhance log integrity by providing a means to detect unauthorized modifications.
Therefore, weak privileged access management controls present the greatest concern for maintaining the integrity and trustworthiness of application logs.
ISACA Certified in Risk and Information Systems Control (CRISC) certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ISACA CRISC exam and earn ISACA CRISC certification.