CISSP Question #1490: Real Exam Question with Answer & Explanation

The correct answer is D: Remote access audit logs. Audit log mismanagement can inadvertently cause a Denial of Service against an authentication system when logs fill up storage resources. Remote access audit logs are especially high-volume and can exhaust disk space, causing authentication services to fail.

Submitted by saadiq_pk· Mar 5, 2026Security Architecture and Engineering

Question

Which of the following could cause a Denial of Service (DoS) against an authentication system?

Options

AEncryption of audit logs
BNo archiving of audit logs
CHashing of audit logs
DRemote access audit logs

Explanation

Audit log mismanagement can inadvertently cause a Denial of Service against an authentication system when logs fill up storage resources. Remote access audit logs are especially high-volume and can exhaust disk space, causing authentication services to fail.

Common mistakes.

A. Encryption of audit logs affects the confidentiality of log data but does not consume excessive storage or block authentication services from functioning, so it does not cause a DoS.
B. While failing to archive logs can eventually lead to storage exhaustion, the question asks what 'could cause' a DoS, and the act of not archiving is a contributing condition rather than the direct mechanism that a high-volume source like remote access logs represents.
C. Hashing of audit logs is an integrity-protection mechanism that adds minimal overhead and does not consume storage in a way that would deny access to the authentication system.

Concept tested. Audit log volume causing authentication system denial of service

Reference. https://csrc.nist.gov/publications/detail/sp/800-92/final

Topics

#Denial of Service (DoS)#Authentication system#Audit logs#System availability

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions