One of your primary business objectives is being able to trust the data stored in your application. You want to log all changes to the application data. How can you design your logging system to verify authenticity of your logs?
Choose an answer
Tap an option to check your answer.
Correct answer: Digitally sign each timestamp and log entry and store the signature.
Why this is the answer
Digitally signing each timestamp and log entry and storing the signature is the most effective way to verify the authenticity and integrity of logs. A digital signature uses cryptography to ensure that the log entry has not been tampered with since it was signed. Any modification to the log entry would invalidate the signature, thus providing a verifiable mechanism for trust. Writing logs concurrently in the cloud and on-premises provides redundancy but doesn't inherently verify authenticity; an attacker could compromise both. Using a SQL database with limited modification access relies on access control, which can be bypassed or compromised, and doesn't provide cryptographic proof of integrity. Creating a JSON dump in Google Cloud Storage stores the data but offers no built-in mechanism to verify that the data hasn't been altered after creation.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed