A regional healthcare provider leveraging a platform-as-a-service (PaaS) cloud model detects suspicious activity involving unauthorized access to patient records. During the investigation, the incident response team attempts to retrieve system logs from virtual machines used during the breach. However, they realize that crucial log files are unavailable, as the short-lived instances were automatically terminated shortly after the event. This hampers their ability to reconstruct a complete activity trail and trace the attacker's movements. Which core cloud forensic challenge does this situation most likely reflect?
Submit