D - If someone with high-level access can get to the raw log files without proper oversight, they can easily destroy the evidence or modify it, making the logs untrustworthy.
If privileged access management controls are weak, it increases the risk that individuals with elevated permissions could alter, delete, or tamper with logs without detection. This poses a direct threat to the integrity of the logs, as unauthorized changes could go unnoticed.
Logs may contain information that is sensitive or needed for forensic purposes, so they should be configured in ways that prevent alteration or deletion as well as preventing access by authorized personnel. In particular, they should be implemented in ways that prevent administrators with responsibility for systems or applications from altering or
deleting logs made against their own scopes of responsibility. The risk practitioner should consider log access pennissions as part of evaluating the level of potential insider threat.
It's not correct. D. Acces privileged controls the confidenciality, not the integrity. A SIEM (tracking changing logs) protect the integrity of the application.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
trev0r
6 days, 1 hour agoSara98
10 months, 2 weeks agoefe6fee
1 year agoBisibaby
1 year, 1 month agoRadko96
1 year, 2 months ago