During a recent audit of security logs, an analyst discovers that certain log entries are sporadically missing over the past month. Understanding the importance of logs for detecting and troubleshooting anomalies, which of the following is the BEST explanation for the missing logs?
Log tampering is a deliberate act to manipulate or erase logs to hide unauthorized activities or to disrupt the integrity of the logging process. While logs can be lost due to technical issues such as configuration errors or system overload, sporadic and selective disappearance is more indicative of a deliberate effort to alter logs, which signifies that log tampering is the most likely explanation. Scheduled maintenance wouldn't selectively affect log entries, and time synchronization issues would cause discrepancies in timestamps rather than missing entries. Log rotation without archiving could lead to loss of older records, but would not usually result in sporadic missing entries.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.