New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

PECB ISO-IEC-27001-Lead-Auditor Exam - Topic 1 Question 48 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 48
Topic #: 1
[All ISO-IEC-27001-Lead-Auditor Questions]

To verify conformity to control 8.15 Logging of ISO/IEC 27001 Annex A, the audit team verified a sample of server logs to determine if they can be edited or deleted. Which audit procedure was used?

Show Suggested Answer Hide Answer
Suggested Answer: A

The audit procedure used here is 'analysis.' The audit team analyzed server logs to verify if they can be edited or deleted, focusing on evaluating the logs' properties and the controls over their manipulation to ensure they comply with ISO/IEC 27001 requirements.


by Gilberto at Sep 12, 2024, 10:32 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Auditor Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jessenia
3 months ago
I agree, Analysis makes the most sense here.
upvoted 0 times
...
Starr
3 months ago
Wait, can server logs really be edited? That’s surprising!
upvoted 0 times
...
Chery
3 months ago
Observation seems unlikely for this one.
upvoted 0 times
...
Felicidad
4 months ago
I think it’s Sampling, though.
upvoted 0 times
...
Ollie
4 months ago
Definitely sounds like they used Analysis.
upvoted 0 times
...
Theodora
4 months ago
I recall something about "Sampling" being used in similar scenarios, but I can't shake the feeling that "Analysis" fits better for this specific case.
upvoted 0 times
...
Devora
4 months ago
I feel like "Observation" could be relevant too, but it seems more like they are checking the logs directly, which might lean towards "Analysis."
upvoted 0 times
...
Jaime
4 months ago
I'm not entirely sure, but I remember a practice question where we had to choose between "Sampling" and "Observation." This feels more like "Sampling" to me.
upvoted 0 times
...
Bethanie
5 months ago
I think the audit procedure used here might be "Analysis," since they are looking closely at the logs to see if they can be altered.
upvoted 0 times
...
Hortencia
5 months ago
Okay, I've got this. The audit team was checking the integrity of the server logs, so the correct audit procedure would be analysis to verify the logs can't be edited or deleted.
upvoted 0 times
...
Alfreda
5 months ago
I'm a bit confused by this question. The options don't seem to directly match the details provided. I'll have to think it through carefully before answering.
upvoted 0 times
...
Blondell
5 months ago
Hmm, I'm not totally sure about this one. The question talks about verifying if the logs can be edited or deleted, so maybe observation would be the right audit procedure to check that?
upvoted 0 times
...
Rocco
5 months ago
This question seems straightforward. I think the audit procedure used was sampling, since the question mentions the audit team verified a "sample" of server logs.
upvoted 0 times
...
Jodi
5 months ago
Hmm, I'm not totally sure about this one. I think it might be interval, but I'm not 100% confident. I'll have to think it through carefully.
upvoted 0 times
...
Viola
1 year ago
If I was an auditor, I'd want to make sure I have a good sample size to draw conclusions. B) Sampling is the way to go.
upvoted 0 times
...
Lizbeth
1 year ago
Haha, I bet the auditors had a blast watching paint dry on those servers. C) Observation is the way to go!
upvoted 0 times
Clorinda
1 year ago
Haha, yeah, watching paint dry on servers sounds like a thrilling time for auditors.
upvoted 0 times
...
Justine
1 year ago
I agree, it's important to make sure they can't be tampered with.
upvoted 0 times
...
Stacey
1 year ago
Observation is definitely the best way to verify those server logs.
upvoted 0 times
...
...
Leeann
1 year ago
I'm not sure, but I think Observation could also be used to verify the server logs.
upvoted 0 times
...
Krissy
1 year ago
I agree with Audrie, Sampling makes sense to verify conformity to control 8.15 Logging.
upvoted 0 times
...
Beth
1 year ago
A) Analysis could work, but I'm not sure it's specific enough to the logging control. B) Sampling makes the most sense to me.
upvoted 0 times
...
Vicky
1 year ago
C) Observation seems like the logical choice here. The audit team would need to actually watch the servers to see if the logs can be edited or deleted.
upvoted 0 times
Dannie
1 year ago
I agree, it's important to physically observe the servers to ensure the logs are secure.
upvoted 0 times
...
Eliseo
1 year ago
Yes, observation is the best way to verify if the logs are tamper-proof.
upvoted 0 times
...
Skye
1 year ago
The audit team would need to actually watch the servers to see if the logs can be edited or deleted.
upvoted 0 times
...
Viola
1 year ago
Observation seems like the logical choice here.
upvoted 0 times
...
Dell
1 year ago
That makes sense, they need to see it in action to verify compliance.
upvoted 0 times
...
Carmela
1 year ago
Yes, the audit team would need to physically watch the servers.
upvoted 0 times
...
Millie
1 year ago
Observation seems like the logical choice here.
upvoted 0 times
...
...
Audrie
1 year ago
I think the audit procedure used was Sampling.
upvoted 0 times
...
Dulce
1 year ago
I think the correct answer is B) Sampling. It's the most effective way to verify a control like logging that applies to a large number of servers.
upvoted 0 times
Loreta
1 year ago
Observation could also be useful, but it may not provide a comprehensive view of the effectiveness of the control.
upvoted 0 times
...
Sharita
1 year ago
It's a practical approach to ensure compliance with control requirements without spending excessive time and resources.
upvoted 0 times
...
Eun
1 year ago
Sampling allows us to check a representative sample of logs without having to go through each one individually.
upvoted 0 times
...
Delsie
1 year ago
I agree, B) Sampling is the best way to verify a control like logging on multiple servers.
upvoted 0 times
...
...

Save Cancel