Certified Information Systems Security Professional (CISSP) — Question 336

A cloud service provider requires its customer organizations to enable maximum audit logging for its data storage service and to retain the logs for the period of three months. The audit logging gene has extremely high amount of logs. What is the MOST appropriate strategy for the log retention?

Answer options

• A. Keep all logs in an online storage.
• B. Keep last week's logs in an online storage and the rest in an offline storage.
• C. Keep last week's logs in an online storage and the rest in a near-line storage.
• D. Keep all logs in an offline storage.

Correct answer: C

Explanation

Option C is correct as it allows for quick access to the most recent logs while efficiently managing older logs in near-line storage, which balances retrieval speed and cost. Option A is not ideal due to the high volume of logs that would increase costs. Option B limits access to older logs stored offline, which may not meet audit requirements. Option D completely removes accessibility to logs, which is impractical for compliance and auditing purposes.