While investigating a compromised Web server, an auditor found that the Web server logs had been deleted. The auditor should recommend that the Web server logs be:
While investigating a compromised Web server, an auditor found that the Web server logs had been deleted. The auditor should recommend that the Web server logs be:
To ensure the integrity and availability of the Web server logs, they should be generated and maintained on a separate secure server. This mitigates the risk of log deletion or tampering directly on the compromised Web server, providing a more secure and reliable audit trail for future investigations.
Why not c
encryption is too cost consuming