Which activity helps verify that audit trails are protected from alteration?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

Which activity helps verify that audit trails are protected from alteration?

Explanation:
Audit trail integrity comes from who can access and change logs, and how those logs are stored and protected. The most reliable way to verify that audit trails cannot be altered is to examine the actual safeguards in place: the permissions and configurations controlling log creation and modification, where the logs are stored, and whether protective measures (like restricted write access, centralized/immutable storage, or cryptographic signing) are implemented. Interviewing system administrators and reviewing these configurations and permissions provides direct evidence of whether the audit trails are protected from tampering. Inspecting physical hardware only may miss software-level controls that allow modification. Reviewing firewall logs looks at a different set of logs and doesn’t confirm protection of the audit trails themselves. A vulnerability scan checks for weaknesses but doesn’t prove that audit logs are safeguarded against alteration.

Audit trail integrity comes from who can access and change logs, and how those logs are stored and protected. The most reliable way to verify that audit trails cannot be altered is to examine the actual safeguards in place: the permissions and configurations controlling log creation and modification, where the logs are stored, and whether protective measures (like restricted write access, centralized/immutable storage, or cryptographic signing) are implemented. Interviewing system administrators and reviewing these configurations and permissions provides direct evidence of whether the audit trails are protected from tampering.

Inspecting physical hardware only may miss software-level controls that allow modification. Reviewing firewall logs looks at a different set of logs and doesn’t confirm protection of the audit trails themselves. A vulnerability scan checks for weaknesses but doesn’t prove that audit logs are safeguarded against alteration.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy