Log reviews is which type of control?
CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests
A: Security Audit Logs: Reviewing security audit logs in an IT system is one of the easiest ways to verify that access control mechanisms are working as intended. Reviewing audit logs is primarily a detective control. Centralized Logging: Should be automated, secure and even administrators should have limited access. Often a central repository is hashed and never touched, and a secondary copy is analyzed to ensure integrity. Logs should have a retention policy to ensure we are compliant and we keep the logs as long as we need them.