Log reviews is which type of control?
CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests
A: Security Audit Logs: Reviewing security audit logs in an IT system is one of the easiest ways to verify that access control mechanisms are working as intended. Reviewing audit logs is primarily a detective control. Centralized Logging: Should be automated, secure and even administrators should have limited access. Often a central repository is hashed and never touched, and a secondary copy is analyzed to ensure integrity. Logs should have a retention policy to ensure we are compliant and we keep the logs as long as we need them.
IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.