CISA
QUESTION #6846
Question 1
An IS auditor discovers that security logs are generated but retained for only 7 days due to storage limitations. The organization's incident response procedures require 90 days of log data for investigation. What is the PRIMARY risk?
Correct Answer Explanation
The 83-day gap between log retention (7 days) and investigative requirements (90 days) means most incidents cannot be properly investigated. By the time incidents are detected and investigation begins, critical evidence has been deleted. This severely compromises security monitoring, incident response, and forensic capabilities.