Which of the following situations would cause the GREATEST concern around the integrity of application logs?
Which of the following situations would cause the GREATEST concern around the integrity of application logs?
Weak privileged access management controls are the greatest concern for the integrity of application logs because they allow unauthorized or excessive access to logs. If individuals with high-level access have insufficient restrictions, they can alter or erase logs, undermining the integrity and trustworthiness of log data.
Logs may contain information that is sensitive or needed for forensic purposes, so they should be configured in ways that prevent alteration or deletion as well as preventing access by authorized personnel. In particular, they should be implemented in ways that prevent administrators with responsibility for systems or applications from altering or deleting logs made against their own scopes of responsibility. The risk practitioner should consider log access pennissions as part of evaluating the level of potential insider threat.
Strong privileged access control can ensure data integrity by limiting who has access to data.
It's not correct. D. Acces privileged controls the confidenciality, not the integrity. A SIEM (tracking changing logs) protect the integrity of the application.