Certified in Risk and Information Systems Control (CRISC) — Question 1284

Which of the following situations would cause the GREATEST concern around the integrity of application logs?

Answer options

• A. Lack of a security information and event management (SIEM) system
• B. Lack of data classification policies
• C. Use of hashing algorithms
• D. Weak privileged access management controls

Correct answer: D

Explanation

Weak privileged access management controls can lead to unauthorized access and manipulation of application logs, compromising their integrity. While a lack of a SIEM system and data classification policies are concerns, they do not directly affect the logs' integrity as severely as weak access controls. The use of hashing algorithms is actually a method to enhance log integrity, not diminish it.