Certified Information Systems Security Professional (CISSP) — Question 1

A developer is creating an application that requires secure logging of all user activity. What is the BEST permission the developer should assign to the log file to ensure requirements are met?

Answer options

• A. Execute
• B. Read
• C. Write
• D. Append

Correct answer: D

Explanation

The best permission for the log file is 'Append' because it allows new log entries to be added without altering existing entries, ensuring a complete record of user activity. 'Execute' and 'Read' do not provide the necessary control over logging, while 'Write' could potentially allow overwriting of existing logs, which is not secure.