ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your organization collects security logs from cloud-hosted virtual machines and must keep them for potential litigation. The security architect needs to ensure that any individual log file can later be shown to be (1) exactly the same bits that were gathered at collection time and (2) unquestionably linked to the administrator who performed the collection. Which approach best meets both chain-of-custody and non-repudiation requirements for each log file?
Digitally sign each log file with the organization's root CA private key and record the signature hash on a blockchain ledger.
Generate a SHA-256 hash of the log at collection, then place the hash, collection timestamp, and collector's certificate inside a digitally signed manifest kept with the file.
Encrypt each log file with AES-256 and store the encryption key in the cloud provider's key-management service.
Write logs directly to a storage bucket configured with write-once-read-many (WORM) retention and governance-mode legal hold.
Chain of custody demands a verifiable record that the evidence has not been altered from the moment it is collected. Calculating a cryptographic hash (such as SHA-256) at the time of collection establishes an integrity reference. Storing that hash inside a time-stamped manifest that is itself digitally signed-with the collector's X.509 private key-creates an auditable record tying the evidence to a specific, authenticated identity. The digital signature delivers non-repudiation because the signer cannot later deny performing the action, and any change to the manifest or the log alters the signature validation. Simply encrypting data, enabling WORM storage, or writing to a blockchain may help with confidentiality or tamper evidence, but without a collector-bound digital signature and an original hash, they do not fully satisfy both integrity across the chain of custody and non-repudiation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of a SHA-256 hash in relation to chain of custody and data integrity?
Open an interactive chat with Bash
How does a digitally signed manifest assist with non-repudiation?
Open an interactive chat with Bash
What are the advantages of storing logs on a blockchain compared to a digitally signed manifest?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Data Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .