CISA Question #379: Real Exam Question with Answer & Explanation

The correct answer is A. Restrict access to activity logs. The best way to prevent the recurrence of irregularities like privileged users deleting transactions from application logs is to restrict access to activity logs. By limiting access to only authorized personnel and implementing strong access controls, the risk of unauthorized mod

Submitted by akirajp· Apr 18, 2026Protection of Information Assets

Question

An IS audit reveals that a privileged user account was used to delete some transactions from application logs. Which of the following would BEST prevent the recurrence of similar irregularities?

Options

ARestrict access to activity logs
BUse write once, read many media for log data storage
CUpdate and share the log retention policy
DDisable administrative accounts that are inactive

Explanation

The best way to prevent the recurrence of irregularities like privileged users deleting transactions from application logs is to restrict access to activity logs. By limiting access to only authorized personnel and implementing strong access controls, the risk of unauthorized modification or deletion of log data is reduced, ensuring the integrity and accountability of logs.

Topics

#Access Control#Log Management#Segregation of Duties#Information Security

Community Discussion

No community discussion yet for this question.

Full CISA Practice