An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
Data encryption standards are crucial in ensuring the confidentiality and integrity of log data. Without encryption, the data could be susceptible to unauthorized access, tampering, and breaches. This poses a significant risk to the overall security and accuracy of the event log aggregation system, making the absence of data encryption standards the most concerning factor.
Data encryption is crucial for protecting sensitive information contained within the event logs. If encryption standards have not been considered or implemented, it poses a significant risk to the confidentiality and integrity of the log data. Unauthorized access or tampering could occur, leading to potential breaches or manipulation of critical information. The best answer is D
D is wrong A is the right answer.
Data encryption is important, but ensuring integrity is a fundamental security requirement.
Of the three categories of information security, confidentiality, integrity, and availability, logs fall into the integrity category.
I though encryption is very important to ensure the log data is not being modified.