Which of the following is required in order to provide accountability?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
Accountability can actually be seen in two different ways: 1) Although audit trails are also needed for accountability, no user can be accountable for their actions unless properly authenticated.
2) Accountability is another facet of access control.
Individuals on a system are responsible for their actions.
This accountability property enables system activities to be traced to the proper individuals.
Accountability is supported by audit trails that record events on the system and network.
Audit trails can be used for intrusion detection and for the reconstruction of past events.
Monitoring individual activities, such as keystroke monitoring, should be accomplished in accordance with the company policy and appropriate laws.
Banners at the log-on time should notify the user of any monitoring that is being conducted.
The point is that unless you employ an appropriate auditing mechanism, you don't have accountability.
Authorization only gives a user certain permissions on the network.
Accountability is far more complex because it also includes intrusion detection, unauthorized actions by both unauthorized users and authorized users, and system faults.
The audit trail provides the proof that unauthorized modifications by both authorized and unauthorized users took place.
No proof, No accountability.
Source: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Page 50
The Shon Harris AIO book, 4th Edition, on Page 243 also states: Auditing Capabilities ensures users are accountable for their actions, verify that the secutiy policies are enforced, and can be used as investigation tools.
Accountability is tracked by recording user, system, and application activities.
This recording is done through auditing functions and mechanisms within an operating sytem or application.
Audit trail contain information about operating System activities, application events, and user actions.
The correct answer is D. Audit trails.
Accountability is the concept of being held responsible for one's actions. In order to provide accountability, it is necessary to have a way to track and record the actions that have been taken. This is where audit trails come in.
Audit trails are records that document who did what, when, and why. They can be used to track changes to data or configurations, as well as to monitor user activity. By keeping a record of all actions taken, an audit trail provides a way to hold individuals accountable for their actions.
Authentication, integrity, and confidentiality are also important concepts in information security, but they do not directly relate to accountability. Authentication refers to the process of verifying the identity of a user or system. Integrity refers to the assurance that data has not been modified or tampered with. Confidentiality refers to the protection of sensitive information from unauthorized access.
While these concepts are important in their own right, they do not provide a direct means of accountability. It is only through the use of audit trails that organizations can track and monitor user activity and provide a means of holding individuals accountable for their actions.