nerdexam
(ISC)2

CISSP · Question #544

Which of the following BEST provides for non-repudiation od user account actions?

The correct answer is D. Centralized logging system. Non-repudiation ensures that a user cannot deny performing an action, which requires tamper-evident, centralized records of all account activity. A centralized logging system best fulfills this requirement by collecting and storing immutable audit trails from multiple sources.

Submitted by lucia.co· Mar 5, 2026Security Operations

Question

Which of the following BEST provides for non-repudiation od user account actions?

Options

  • ACentralized authentication system
  • BFile auditing system
  • CManaged Intrusion Detection System (IDS)
  • DCentralized logging system

How the community answered

(19 responses)
  • B
    5% (1)
  • D
    95% (18)

Why each option

Non-repudiation ensures that a user cannot deny performing an action, which requires tamper-evident, centralized records of all account activity. A centralized logging system best fulfills this requirement by collecting and storing immutable audit trails from multiple sources.

ACentralized authentication system

A centralized authentication system verifies identity at login but does not maintain comprehensive records of all subsequent user account actions needed to prove non-repudiation.

BFile auditing system

A file auditing system tracks changes to specific files but is limited in scope and does not provide broad coverage of all user account actions across the entire environment.

CManaged Intrusion Detection System (IDS)

A managed IDS detects and alerts on suspicious network activity in real time but is not designed to record and preserve user account action history for non-repudiation purposes.

DCentralized logging systemCorrect

A centralized logging system aggregates log data from all systems into a single, authoritative repository, making it difficult for users to deny their actions since records are stored outside their control. This provides non-repudiation by maintaining timestamped, tamper-resistant records of user account actions across the environment. Centralized logs can be correlated, retained, and protected from modification, satisfying forensic and compliance requirements.

Concept tested: Non-repudiation through centralized audit logging

Source: https://csrc.nist.gov/glossary/term/non_repudiation

Topics

#non-repudiation#logging#auditing#security principles

Community Discussion

No community discussion yet for this question.

Full CISSP Practice