Mechanisms exist to protect event logs and audit tools from unauthorized access, modification and deletion.
Control Question
Assessment question for control validation
Does the organization protect event logs and audit tools from unauthorized access, modification and deletion?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: MON-08
ESP Level 2: MON-08
ESP Level 3: MON-08