An administrator is centralizing logs from multiple departments to a shared platform where tamper protection and classification are required. Which approach best ensures that logs remain intact for investigation and threat responses?
Send all messages to a single email server for archiving without additional safeguards
Use an intermediary that stores and validates logs, then forwards them for consolidation over encrypted channels
Allow systems to keep data locally without an intermediary and manually merge file snapshots monthly
Distribute logs by converting them into PDFs and storing them individually on separate networks
Combining logs in one secure location with robust access controls and encryption helps safeguard their integrity. By directing logs to an intermediary with specialized features, there is consistent oversight, minimal chance of unnoticed manipulation, and streamlined detection. Relying on PDFs, emails, or scattered local storage introduces potential changes and gaps in coverage.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.