Isaca Certified in Risk and Information Systems Control CRISC Question # 158 Topic 16 Discussion

CRISC Exam Topic 16 Question 158 Discussion:

Question #: 158

Topic #: 16

Which of the following is MOST important to the integrity of a security log?

Least privilege access

Inability to edit

Ability to overwrite

Encryption

Get Premium CRISC Questions

Explanation

A security log is a record of security-related events or activities that occur in an IT system, network, or application, such as user authentication, access control, firewall activity, or intrusion detection1. Security logscan help to monitor and audit the security posture and performance of the IT environment, and to detect and investigate any security incidents, breaches, or anomalies2.

The integrity of a security log refers to the accuracy and completeness of the log data, and the assurance that the log data has not been modified, deleted, or tampered with by unauthorized or malicious parties3. The integrity of a security log is essential for ensuring the reliability and validity of the log analysis and reporting, and for providing evidence and accountability for security incidents and compliance4.

Among the four options given, the most important factor to the integrity of a security log is the inability to edit. This means that the security log data should be protected from any unauthorized or accidental changes or alterations, such as adding, deleting, or modifying log entries, or changing the log format or timestamps5. The inability to edit can be achieved by implementing various controls and measures, such as:

Applying digital signatures or hashes to the log data to verify its authenticity and integrity

Encrypting the log data to prevent unauthorized access or disclosure

Implementing least privilege access to the log data to restrict who can view, modify, or delete the log data

Using write-once media or devices to store the log data, such as CD-ROMs or WORM drives

Sending the log data to a secure and centralized log server or repository, and using syslog or other protocols to ensure secure and reliable log transmission

Performing regular backups and archiving of the log data to prevent data loss or corruption

References = Security Log: Best Practices for Logging and Management, Security Audit Logging Guideline, Confidentiality, Integrity, & Availability: Basics of Information Security, Steps for preserving the integrity of log data, Guide to Computer Security Log Management

Actual exam question for Isaca CRISC exam by Rael67 at Aug 3, 2025, 11:20:10 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Isaca Certified in Risk and Information Systems Control CRISC Question # 158 Topic 16 Discussion

Isaca Certified in Risk and Information Systems Control CRISC Question # 158 Topic 16 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Isaca Certified in Risk and Information Systems Control CRISC Question # 158 Topic 16 Discussion

Isaca Certified in Risk and Information Systems Control CRISC Question # 158 Topic 16 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval