CCC.TH07 - Logs are Tampered With or Deleted

← Back to CCC Relational Database Management System Features

CCC.TH07: Logs are Tampered With or Deleted

Threat ID:CCC.TH07

Title:Logs are Tampered With or Deleted

Description:

Logs may be tampered with or deleted due to inadequate access controls, or misconfigurations. This can make it difficult to identify security incidents, disrupt forensic investigations, and affect the accuracy of audit trails.

Related Features:

ID	Title	Description
CCC.F03	Access/Activity Logs	Provides users with the ability to track all requests made to or activities performed on resources for audit purposes.
CCC.F10	Logging	Provides the ability to transmit system events, application activities, and/or user interactions to a logging service

MITRE ATT&CK Techniques:

T1070

T1565

T1027

Related Controls:

ID	Title
CCC.C09	Prevent Tampering, Deletion, or Unauthorized Access to Access Logs