Your company decides to start the business of selling toys online and shipping globally. An in-house team is in charge of developing an E-Commerce system that supports the new business. You suspect a former developer deleted some crucial files before leaving the company. Which of the following least helps to blame the malicious behavior on him?
A. Implement reliable authentication mechanism
B. Grant permissions and rights based on duties
C. Maintain a non-repudiable log
D. Correlate and review the logs in terms of a specific subject or theme

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Grant permissions and rights based on duties.

You are right. “non-reputable log” never exists. I’m sorry I had a typo; “non-reputable” has been corrected to “non-repudiable”.

This question is asking about “accountability,” which requires authentication, accounting (write logs), and auditing (review and correlate the logs into audit trails).

My definitions of accounting (writing logs) and auditing (reviewing logs) are different from those of the Sybex CISSP Study Guide. I have the opposite perspective. The following are its definitions:

  • Accounting (aka accountability): reviewing log files to check for compliance and violations in order to hold subjects accountable for their actions
  • Auditing: recording a log of the events and activities related to the system and subjects

Stewart, James M.; Chapple, Mike; Gibson, Darril. CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide (Kindle Locations 1737-1738). Wiley. Kindle Edition.

Logs are subject to being altered and can become inadmissible in court. Maintaining a non-repudiable log emphasizes that it should be handled by qualified professionals and kept under a proper chain of custody, so that it is non-repudiable and admissible.
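The point above, that a log is only useful for accountability if alteration can be detected, is easy to see in code. The following is an added example, not part of the original post or of any product: a small append-only log in which every entry is keyed (HMAC-SHA256) over the previous entry's digest plus the record, so that editing a record (for instance re-attributing a deletion to another subject) or removing an entry from the middle breaks the chain. It also shows the "review by subject" step from option D. The key, subjects, file path and timestamps are all constructed for the demo; in practice the key would live with a separate log server, not with the application whose users are being held accountable, otherwise an insider could simply re-sign the chain. Tamper evidence is the technical half of non-repudiation; the chain of custody the post describes is the other half.

```python
import hashlib
import hmac
import json

# Constructed demo key. In a real deployment this key belongs to the log
# collector, never to the system (or developer) whose actions are logged.
LOG_KEY = b"constructed-demo-key-not-for-production"

GENESIS = "0" * 64  # digest "before" the first entry


def _entry_digest(prev_digest: str, record: dict) -> str:
    """HMAC over the previous digest and the canonical JSON of this record."""
    payload = prev_digest.encode() + json.dumps(record, sort_keys=True).encode()
    return hmac.new(LOG_KEY, payload, hashlib.sha256).hexdigest()


class AccountabilityLog:
    """Append-only log: each entry is chained to the one before it."""

    def __init__(self) -> None:
        self.entries: list[tuple[dict, str]] = []  # (record, digest)

    def append(self, subject: str, action: str, obj: str, ts: int) -> None:
        # The subject comes from the authentication layer; accounting writes it down.
        record = {"ts": ts, "subject": subject, "action": action, "object": obj}
        prev = self.entries[-1][1] if self.entries else GENESIS
        self.entries.append((record, _entry_digest(prev, record)))

    def verify(self) -> int:
        """Return the index of the first entry whose chain link fails, or -1 if intact."""
        prev = GENESIS
        for i, (record, digest) in enumerate(self.entries):
            if not hmac.compare_digest(digest, _entry_digest(prev, record)):
                return i
            prev = digest
        return -1

    def by_subject(self, subject: str) -> list[dict]:
        """Auditing step: correlate entries for one subject (option D in the question)."""
        return [record for record, _ in self.entries if record["subject"] == subject]


def demo() -> tuple[int, int]:
    """Constructed scenario: a chain that verifies, then a re-attributed entry."""
    log = AccountabilityLog()
    log.append("alice", "login", "ecommerce-api", 1)
    log.append("bob", "delete", "/src/orders/checkout.py", 2)  # constructed path
    log.append("bob", "logout", "ecommerce-api", 3)
    intact = log.verify()            # -1: every link checks out
    # Someone with write access to the log file edits the subject on entry 1
    # to shift blame; the stored digest no longer matches.
    log.entries[1][0]["subject"] = "alice"
    tampered = log.verify()          # 1: first broken link is entry 1
    return intact, tampered


if __name__ == "__main__":
    print(demo())  # (-1, 1)
```

Deleting an entry from the middle is caught the same way, because the entry after it was keyed over a digest that is no longer its predecessor's.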


