CCC.AuditLog.C07: Enforce MFA Delete on Audit Log Bucket
Control ID:CCC.AuditLog.C07
Title:Enforce MFA Delete on Audit Log Bucket
Objective:Enable Multi-Factor Authentication (MFA) delete on the audit log bucket to
provide greater protection against accidental or malicious deletion of audit data.
Control Family:
Availability
Related Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. | 1 | 1 | 0 |
| CCC.Core.TH07 | Logs are Tampered With or Deleted | Tampering or deletion of service logs will reduce the system's ability to maintain an accurate record of events. Any actions that compromise the integrity of logs could disrupt system availability by disrupting monitoring, hindering forensic investigations, and reducing the accuracy of audit trails. | 1 | 1 | 0 |