CISSP · Question #544
Which of the following BEST provides for non-repudiation od user account actions?
The correct answer is D. Centralized logging system. Non-repudiation ensures that a user cannot deny performing an action, which requires tamper-evident, centralized records of all account activity. A centralized logging system best fulfills this requirement by collecting and storing immutable audit trails from multiple sources.
Question
Which of the following BEST provides for non-repudiation od user account actions?
Options
- ACentralized authentication system
- BFile auditing system
- CManaged Intrusion Detection System (IDS)
- DCentralized logging system
How the community answered
(19 responses)- B5% (1)
- D95% (18)
Why each option
Non-repudiation ensures that a user cannot deny performing an action, which requires tamper-evident, centralized records of all account activity. A centralized logging system best fulfills this requirement by collecting and storing immutable audit trails from multiple sources.
A centralized authentication system verifies identity at login but does not maintain comprehensive records of all subsequent user account actions needed to prove non-repudiation.
A file auditing system tracks changes to specific files but is limited in scope and does not provide broad coverage of all user account actions across the entire environment.
A managed IDS detects and alerts on suspicious network activity in real time but is not designed to record and preserve user account action history for non-repudiation purposes.
A centralized logging system aggregates log data from all systems into a single, authoritative repository, making it difficult for users to deny their actions since records are stored outside their control. This provides non-repudiation by maintaining timestamped, tamper-resistant records of user account actions across the environment. Centralized logs can be correlated, retained, and protected from modification, satisfying forensic and compliance requirements.
Concept tested: Non-repudiation through centralized audit logging
Source: https://csrc.nist.gov/glossary/term/non_repudiation
Topics
Community Discussion
No community discussion yet for this question.