A financial institution is preparing for an audit to determine if they are compliant with FFIEC guidelines. which of the following controls would MOST effectively meet the criteria set for secure log transmission, normalization, storage and protection? (select 2)
A. encrypting log files that contain sensitive data
B. Creating a schedule to purge logs every 24 hours
C. Removing write permission for logs of the local host
D. Limiting administrator permissions to restrict viewing of local log files
E. Writing logs to a WORM device.
option a and e are correct.
The encrypting of the log files can allow no access to the unauthorized users.Users can have the access to the files based on their designations.Intruders often try to edit or delete the log files.So a security keys is mandatory for the saved and the transmitting logs.
Writing the logs to a secured worm(write once read many) device will ensure that no unauthorized user can modify the data in an offline mode also.If the data is harmed the user is informed.
Get Answers For Free
Most questions answered within 1 hours.