CISSP Practice question #165

Log reviews is which type of control?
A: Detective.
B: Preventative.
C: Deterrent.
D: Administrative.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Security Audit Logs: Reviewing security audit logs in an IT system is one of the easiest ways to verify that access control mechanisms are working as intended. Reviewing audit logs is primarily a detective control. Centralized Logging: Should be automated, secure and even administrators should have limited access. Often a central repository is hashed and never touched, and a secondary copy is analyzed to ensure integrity. Logs should have a retention policy to ensure we are compliant and we keep the logs as long as we need them.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

37 Comments

Leave a Reply