nerdexam
(ISC)2

CISSP · Question #865

To protect auditable information, which of the following MUST be configured to only allow read access?

The correct answer is B. Transaction log files. To protect auditable information, transaction log files must be configured to only allow read access. Transaction log files are files that record and store the details or the history of the transactions or the activities that occur within a system or a database, such as the date,

Submitted by anna_se· Mar 5, 2026Security Operations

Question

To protect auditable information, which of the following MUST be configured to only allow read access?

Options

  • ALogging configurations
  • BTransaction log files
  • CUser account configurations
  • DAccess control lists (ACL)

How the community answered

(25 responses)
  • B
    92% (23)
  • C
    4% (1)
  • D
    4% (1)

Explanation

To protect auditable information, transaction log files must be configured to only allow read access. Transaction log files are files that record and store the details or the history of the transactions or the activities that occur within a system or a database, such as the date, the time, the user, the action, or the outcome. Transaction log files are important for auditing purposes, as they can provide the evidence or the proof of the transactions or the activities that occur within a system or a database, and they can also support the recovery or the restoration of the system or the database in case of a failure or a corruption. To protect auditable information, transaction log files must be configured to only allow read access, which means that only authorized users or devices can view or access the transaction log files, but they cannot modify, delete, or overwrite the transaction log files. This can prevent or reduce the risk of tampering, alteration, or destruction of the auditable information, and it can also ensure the integrity, the accuracy, or the reliability of the auditable information.

Topics

#audit logs#log integrity#read-only access#security monitoring

Community Discussion

No community discussion yet for this question.

Full CISSP Practice