CCC.F03: Access/Activity Logs
Description:Provides users with the ability to track all requests made to or
activities performed on resources for audit purposes.
Related Threats:
| ID | Title | Description |
|---|---|---|
| CCC.TH07 | Logs are Tampered With or Deleted | Attackers may tamper with or delete logs to cover their tracks and evade detection. This prevents security teams from identifying the full scope of an attack and may disrupt forensic investigations. |
| CCC.TH09 | Logs or Monitoring Data are Read by Unauthorized Users | Unauthorized access to logs or monitoring data can provide attackers with valuable information about the system's configuration, operations, and security mechanisms. This can be used to identify vulnerabilities, plan attacks, or evade detection. |
| CCC.TH10 | Alerts are Intercepted | Malicious actors may exploit event notifications to monitor and intercept information about sensitive operations or access patterns. |