CISA Certified Information Systems Auditor – Question1458

Which of the following would prevent unauthorized changes to information stored in a server's log?

A.
Write-protecting the directory containing the system log
B. Writing a duplicate log to another server
C. Daily printing of the system log
D. Storing the system log in write-once media

Correct Answer: D

Explanation:

Explanation:
Storing the system log in write-once media ensures the log cannot be modified. Write- protecting the system log does not prevent deletion or modification, since the superuser or users that have special permission can override the write protection. Writing a duplicate log to another server or daily printing of the system log cannot prevent unauthorized changes.