Which information security principle was violated in this case?

During an internal audit, a company’s IT team discovered a suspicious discrepancy in network logs After analyzing the network logs, the company found that some of the logs related to user access and activities were incomplete. Certain events and actions were missing, thus, raising concerns about the company’s security system.

Which information security principle was violated in this case?
A . Confidentiality
B . Integrity
C . Availability

View Answer

Answer: B

Explanation:

The scenario describes a situation where the company’s IT team discovered a discrepancy in network logs, with some logs related to user access and activities being incomplete. This situation points to a violation of the information security principle of integrity.

Integrity in information security refers to the accuracy and completeness of data and information. It ensures that data is not altered or tampered with and remains consistent and accurate. Incomplete network logs suggest that data might have been manipulated, deleted, or not properly recorded, compromising the integrity of the logging system.

Maintaining log integrity is crucial for security monitoring, forensic analysis, and compliance with regulatory requirements. When logs are incomplete, it becomes challenging to detect unauthorized access, investigate incidents, and maintain trust in the system’s accuracy.

Reference: ISO/IEC 27001:2013 – This standard includes requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It emphasizes the importance of maintaining the integrity of information.

NIST SP 800-92 – Provides guidelines for computer security log management, highlighting the importance of ensuring the integrity and reliability of log data to support effective security monitoring and incident response.

Integrity violations can have serious consequences, including undetected security breaches, inability to comply with legal and regulatory requirements, and loss of trust in the organization’s information systems.